[wp-trac] [WordPress Trac] #26878: Question mark in the url doesn't return 404 and can be abused
WordPress Trac
noreply at wordpress.org
Mon Jan 20 10:01:35 UTC 2014
#26878: Question mark in the url doesn't return 404 and can be abused
--------------------------+----------------------
Reporter: Andrew8192 | Owner:
Type: defect (bug) | Status: closed
Priority: normal | Milestone:
Component: Query | Version:
Severity: normal | Resolution: invalid
Keywords: |
--------------------------+----------------------
Changes (by johnbillion):
* status: new => closed
* resolution: => invalid
* component: Permalinks => Query
* severity: major => normal
* milestone: Awaiting Review =>
Comment:
There's no reason for WordPress to return a 404 here. The URL is valid and
points to content on your site. Everything after the question mark in the
URL is a query string. How would WordPress know that the content in that
particular query string should cause a 404?
This is an unfortunate case of abuse by spammers, but it's not up to
WordPress to handle. The problem would affect any CMS or script on any
site.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/26878#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list