[wp-trac] [WordPress Trac] #52484: The wp_update_https_detection_errors function may fail to update option values.
WordPress Trac
noreply at wordpress.org
Tue Feb 23 19:33:13 UTC 2021
#52484: The wp_update_https_detection_errors function may fail to update option
values.
--------------------------+---------------------
Reporter: tmatsuur | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: 5.7.1
Component: Security | Version: trunk
Severity: normal | Resolution:
Keywords: has-patch | Focuses:
--------------------------+---------------------
Changes (by SergeyBiryukov):
* milestone: 5.7 => 5.7.1
Comment:
Thanks for the patch!
* I think the encoding conversion should be in the
`wp_update_https_detection_errors()` function rather than in
`WP_Http::request()`, as there is no way to know in what other contexts
the error message might be used.
* This would need a check if the `mb_detect_order()` and
`mb_convert_encoding()` functions exist, as the `mbstring` extension could
be disabled.
* The message would need to be converted to the site encoding determined
by `get_option( 'blog_charset' )`, which might not necessarily be UTF-8.
* It looks like the message is not displayed anywhere in the UI, so
perhaps it should not be stored in the database at all.
Since this needs more investigation, I'm moving the ticket to 5.7.1 for
now.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/52484#comment:8>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list