[wp-trac] [WordPress Trac] #35006: Comments sent immediately to Trash for matching keyword blacklist should not generate email notifications
WordPress Trac
noreply at wordpress.org
Thu Dec 24 21:42:25 UTC 2015
#35006: Comments sent immediately to Trash for matching keyword blacklist should
not generate email notifications
------------------------------------------+------------------------------
Reporter: scottbrownconsulting | Owner:
Type: defect (bug) | Status: reopened
Priority: normal | Milestone: Awaiting Review
Component: Comments | Version: 4.4
Severity: normal | Resolution:
Keywords: needs-patch needs-unit-tests | Focuses:
------------------------------------------+------------------------------
Comment (by scottbrownconsulting):
There are the requested test findings.
The SI-CAPTCHA plugin does not do content filtering, it just presents and
validates a CAPTCHA. So the effect on all tests with invalid CAPTCHAs is
the pipeline stops right there, an "ERROR: Wrong CAPTCHA" error screen is
shown, and the comment never makes it downstream. So those tests don't add
much information.
I did positively produce the offending behavior in test #3 though. I
included a blacklisted keyword (the keyword was "prescription") in the
comment body, my blacklist was populated in Discussion Settings in admin,
the CAPTCHA was valid. The HTTP response strangely hanged, which is
definitely a clue. The comment went straight to "Trash" folder. A minute
later, I got an unwanted notification.
The notifications generated on this defect are different from
notifications on non-spam (non-autotrashed) comments in that their From:
address spoofs the "Name" field from the comment form. Normal (non-spam,
non-autotrashed) comments generate a notification from wordpress at mydomain
only. That is also interesting.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/35006#comment:12>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list