Ajax status 403 after cache

this is usually nonce issue , but please forgive my bluntness, where is the search bar/box ?

• This reply was modified 5 months, 1 week ago by qtwrk.

Well it became quite a mess in this thread.

@qtwrk No problem, my bad, I’ve hidden search due to this error. Now It should be visible in top-left corner near menu. Bear in mind now it works, but that’s because I’ve purged cache lately. I’ll let You know when the problem occurs (probably in next couple of hours).

• This reply was modified 5 months, 1 week ago by dzyndzel.

@qtwrk?Little update. Due to unplanned site updates I’ll let You know tomorrow. Sorry for delay.

@qtwrk now error is visible, You can check website.

please search searchwp_live_search_client_nonce as keyword in your search plugin , and share me the line it was found.

Excuse me, but I don’t understand. Can You paraphrase this?

like a text-search that keyword over your plugin that is responsible for the search box ?

There You go:

• This reply was modified 5 months ago by dzyndzel.
• This reply was modified 5 months ago by dzyndzel.

no no , not in there, I mean in plugin’s source code

Well, I’ve looked into every php file in plugin source code and wasn’t able to find searchwp_live_search_client_nonce

if it’s not in code, it won’t show in page , you must have missed somewhere , or please check with plugin support and ask about it

You were right. After little bit of intense searching I’ve found following appearances:

• In \includes\class-form.php at line 288
• In \includes\class-client.php at line 199
• In \src\script.js at line 379

please share line 3 lines before and after on first 2 files where this keyword shows up.

In \includes\class-client.php:

public function check_ajax_permissions() {
      check_ajax_referer(
          'searchwp_live_search_client_nonce',
          'searchwp_live_search_client_nonce',
          true);
}

/**
* Potential (opt-in) performance tweak: skip any plugin that's not SearchWP-related.
*

And this function is used in following function at the same file:

public function search() {
                $this->check_ajax_permissions();

		if ( empty( $_REQUEST['swpquery'] ) ) { // phpcs:ignore WordPress.Security.NonceVerification.Recommended
			die();
		}

		$this->set_excerpt_length();

		if ( Utils::is_searchwp_active() ) {
			$this->show_results_searchwp_active();
		} else {
			$this->show_results_searchwp_not_active();
		}

		// Short circuit to keep the overhead of an admin-ajax.php call to a minimum.
		die();
	}

In \includes\class-form.php:

// Set up our parameters.
		$params = [
			'ajaxurl'                           => esc_url( $ajaxurl ),
			'origin_id'                         => get_queried_object_id(),
			'config'                            => $this->configs,
			'msg_no_config_found'               => esc_html__( 'No valid SearchWP Live Search configuration found!', 'searchwp-live-ajax-search' ),
			'aria_instructions'                 => esc_html__( 'When autocomplete results are available use up and down arrows to review and enter to go to the desired page. Touch device users, explore by touch or with swipe gestures.' , 'searchwp-live-ajax-search' ),
			'searchwp_live_search_client_nonce' => wp_create_nonce( 'searchwp_live_search_client_nonce' ),
		];

		// We need to JSON encode the configs.
		$encoded_data = [
			'l10n_print_after' => 'searchwp_live_search_params = ' . wp_json_encode( $params ) . ';',
		];

		// Localize and enqueue the script with all the variable goodness.
		wp_localize_script( 'swp-live-search-client', 'searchwp_live_search_params', $encoded_data );

thanks

now please go to Cache -> ESI -> enable ESI

then add searchwp_live_search_client_nonce into ESI nonce list

save and purge all