[wp-trac] [WordPress Trac] #11286: Normal User Input Causes Status 500
WordPress Trac
wp-trac at lists.automattic.com
Thu Sep 13 09:57:16 UTC 2012
#11286: Normal User Input Causes Status 500
------------------------------------+-----------------------------
Reporter: miqrogroove | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Future Release
Component: Comments | Version: trunk
Severity: normal | Resolution:
Keywords: has-patch commit early |
------------------------------------+-----------------------------
Changes (by mdgl):
* version: 2.8.4 => trunk
Comment:
I agree totally with bpetty (comment:36) that comment validation errors
should just return a HTTP response code of 200, also with nacin (#18630 -
first comment) that big changes are really needed to the way that we post
comments.
The current mechanism (HTTP POST to /wp-comments-post.php followed by
redirect back to original page) is somewhat antediluvian and I believe
today's users will expect to interact directly with the comment form on
the page, perhaps with JS for validation and submission. That, however has
the potential to impact greatly on themes.
As an interim measure, I propose that the calls to wp_die() that originate
from wp_allow_comment() are moved just to the "top level applications"
that submit comments (i.e. wp-comments-post.php, admin and XML-RPC). This
would involve a little refactoring of functions wp_new_comment() and
wp_allow_comment() to return an error status/message to be checked by
callers before deciding whether they should die or not. We should not
really be aborting execution deep down inside such library functions.
This would at least localise the problem (#11286, #17159, #10551) and give
themes/plugins a fighting chance of customising comment submission if they
want (#18630).
--
Ticket URL: <http://core.trac.wordpress.org/ticket/11286#comment:37>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list