[wp-trac] [WordPress Trac] #42102: File Editor: Make fatal error detection more robust for edits to PHP files (was: File Editor: Pass basic auth in error scraping loopback requests in addition to cookies)

Fri Oct 6 21:12:21 UTC 2017

#42102: File Editor: Make fatal error detection more robust for edits to PHP files
--------------------------+--------------------------
 Reporter:  westonruter   |       Owner:  westonruter
     Type:  defect (bug)  |      Status:  accepted
 Priority:  normal        |   Milestone:  4.9
Component:  General       |     Version:
 Severity:  normal        |  Resolution:
 Keywords:                |     Focuses:
--------------------------+--------------------------
Changes (by westonruter):

 * owner:   => westonruter
 * status:  new => accepted

Old description:

> On sites that have HTTP Basic auth enabled, the loopback request to do a
> fatal error scrape can fail, causing a bad PHP file edit to not be rolled
> back and instead appear as successful.
>
> Follow-up on #21622.
>
> See https://wordpress.slack.com/archives/C02RQBWTW/p1507181594000012

New description:

 Follow-up on #21622.

 I found that on sites that have HTTP Basic auth enabled, the loopback
 request to do a fatal error scrape can fail, causing a bad PHP file edit
 to not be rolled back and instead appear as successful. So we should pass
 basic auth in error scraping loopback requests in addition to cookies.

 Additionally, there are a couple other things to make it more robust:

 1. Set a timeout for the loopback requests to make sure that the spawning
 process runs longer than the spawned processes.
 2. Output needle on success too as a way confirm request went through
 successfully.
 3. Check response code and if not 200 then rollback the file change.

 See https://wordpress.slack.com/archives/C02RQBWTW/p1507181594000012

--

--
Ticket URL: <https://core.trac.wordpress.org/ticket/42102#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform