[wp-trac] [WordPress Trac] #37957: WordPress Maximum Post Submit Fields (was: Wordpress Maximum Post Submit Fields)
WordPress Trac
noreply at wordpress.org
Tue Sep 6 17:16:18 UTC 2016
#37957: WordPress Maximum Post Submit Fields
-------------------------------+------------------------------
Reporter: nathanmemoria | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Posts, Post Types | Version:
Severity: normal | Resolution:
Keywords: | Focuses: administration
-------------------------------+------------------------------
Description changed by SergeyBiryukov:
Old description:
> Wordpress submits post/page/custom post data & metadata in an HTTP post
> request. Because of a DOS vulnerability in PHP
> (http://www.phpclasses.org/blog/post/171-PHP-Vulnerability-May-Halt-
> Millions-of-Servers.html), a limit to php fields was added as the
> default.
>
> It there are 1,000+ fields, the default is not to truncate these fields
> without any notice. Several of my clients have suffered from this issues.
> Specifically, plugins that use a custom post type with a lot of meta data
> will be effected.
>
> This seems to be a core issue rather than a plugin issue. There are two
> solutions:
> Ideally, the data should all be wrapped in one field and submitted (as
> ajax requests currently are), or less ideal there should be a warning
> when data is lost.
New description:
Wordpress submits post/page/custom post data & metadata in an HTTP post
request. Because of a DOS vulnerability in PHP
(http://www.phpclasses.org/blog/post/171-PHP-Vulnerability-May-Halt-
Millions-of-Servers.html), a limit to php fields was added as the default.
It there are 1,000+ fields, the default is to truncate these fields
without any notice. Several of my clients have suffered from this issues.
Specifically, plugins that use a custom post type with a lot of meta data
will be effected.
This seems to be a core issue rather than a plugin issue. There are two
solutions:
Ideally, the data should all be wrapped in one field and submitted (as
ajax requests currently are), or less ideal there should be a warning when
data is lost.
--
--
Ticket URL: <https://core.trac.wordpress.org/ticket/37957#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list