[wp-trac] [WordPress Trac] #56311: Week query variable is not being sanitized correctly
WordPress Trac
noreply at wordpress.org
Sun Jul 31 23:01:51 UTC 2022
#56311: Week query variable is not being sanitized correctly
---------------------------+------------------------------
Reporter: domainsupport | Owner: audrasjb
Type: defect (bug) | Status: assigned
Priority: normal | Milestone: Awaiting Review
Component: Query | Version:
Severity: normal | Resolution:
Keywords: | Focuses:
---------------------------+------------------------------
Comment (by peterwilsoncc):
There are two cases in which an out of range date value could trigger the
error message:
* a visitor to the site enters an out of range number in the request,
`?w=1234`, as mentioned above
* a developer enters an out of range number in a custom query `new
WP_Query( [ 'w' => 1234 ] )`
As the first case is out of the developers control, I think it should be
checked in `WP::parse_request()` and trigger a File Not Found error as
suggested. This avoids bloating the error logs with unfixable errors.
As the second case is within the developers control, I think logging an
error serves a purpose and the they should continue to be logged.
Is that an acceptable resolution for each of you?
--
Ticket URL: <https://core.trac.wordpress.org/ticket/56311#comment:4>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list