[wp-trac] [WordPress Trac] #45933: WSODs protection returns incorrect content type

WordPress Trac noreply at wordpress.org
Thu Jan 17 11:47:11 UTC 2019


#45933: WSODs protection returns incorrect content type
--------------------------------------------------+------------------------
 Reporter:  spacedmonkey                          |       Owner:  flixos90
     Type:  defect (bug)                          |      Status:  reviewing
 Priority:  normal                                |   Milestone:  5.1
Component:  Bootstrap/Load                        |     Version:  trunk
 Severity:  normal                                |  Resolution:
 Keywords:  servehappy needs-patch needs-testing  |     Focuses:  multisite
--------------------------------------------------+------------------------

Comment (by birgire):

 I had a quick look at {{{wp_is_xml_request()}}} in
 [attachment:"45933.8.diff"] and wonder about this part:

 {{{
 if ( isset( $_SERVER['CONTENT_TYPE'] ) && 'application/json' ===
 $_SERVER['CONTENT_TYPE'] ) {
     if ( isset( $_SERVER['CONTENT_TYPE'] ) && in_array(
 $_SERVER['CONTENT_TYPE'], $accepted, true ) ) {
         return true;
     }
 }
 }}}

 Here {{{isset( $_SERVER['CONTENT_TYPE'] )}}} is checked twice and
 {{{'application/json'}}} is not part of {{{$accepted}}}:

 {{{
 $accepted = array(
     'application/rss+xml',
     'application/rss+xml',
     'text/xml',
     'application/atom+xml',
     'application/rdf+xml',
 );
 }}}

 where the {{{'application/rss+xml'}}} is duplicated in {{{$accepted}}}.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/45933#comment:26>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list