[wp-trac] [WordPress Trac] #46026: WSODs protection returns incorrect content type for XML Requests
WordPress Trac
noreply at wordpress.org
Fri Jan 18 11:52:03 UTC 2019
#46026: WSODs protection returns incorrect content type for XML Requests
------------------------------------------------+--------------------------
Reporter: spacedmonkey | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting
| Review
Component: Bootstrap/Load | Version: trunk
Severity: normal | Resolution:
Keywords: has-patch needs-testing servehappy | Focuses: multisite
------------------------------------------------+--------------------------
Comment (by birgire):
Thanks @spacedmonkey
@afragen What about using {{{<![CDATA[...]]>}}} for e.g. the external
input of {{{$message}}}?
Some minor things I noticed in [attachment:"46026.diff"]:
- It would be nice to add more information to the parameter's description
of {{{_wp_wrap_xml()}}}, like the type and description.
- Missing dot at the end of the {{{_wp_wrap_xml()}}} description.
- Extra new lines at the end of {{{wp_is_xml_request()}}} and the
indentation might need some adjustments.
- Should we format the {{{wp_die}}} in the description of
{{{_xml_wp_die_handler()}}}, e.g. add a link for the doc parsing, like
{{{{@see wp_die}}}} ?
- The function {{{wp_is_xml_request()}}} is not complicated, but it will
be a part of the public API, so should unit tests be added for it?
I would also have suggested using e.g. "halt" instead of "kill", but I see
that the latter is already used by core :-)
Not related to this ticket, but I don't see any {{{is_callable()}}} on the
filterable callbacks in {{{wp_die()}}}.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/46026#comment:4>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list