Ticket #5446 (closed defect (bug): fixed)

Opened 4 years ago

Last modified 4 years ago

Return error when requesting invalid feed format

Reported by: pishmishy Owned by: pishmishy
Priority: normal Milestone: 2.5
Component: General Version: 2.3.1
Severity: normal Keywords: has-patch feeds
Cc:

Description

Requesting an invalid feed format (say  http://www.myblog.com/?feed=foo) results in a blank page. This is due to do_feed() in functions.php calling hooked actions without any feedback on whether the appropriate action actually exists. Depends on #5445.

Attachments

5446.patch Download (513 bytes) - added by pishmishy 4 years ago.
New patch, translatable and escaped text

Change History

comment:1   pishmishy4 years ago

  • Status changed from new to assigned

comment:2   pishmishy4 years ago

Revised patch using feedback from #5445

comment:3   ryan4 years ago

$feed needs to be escaped to avoid XSS. The message also need to be marked for translation.

pishmishy4 years ago

New patch, translatable and escaped text

comment:4   ryan4 years ago

  • Status changed from assigned to closed
  • Resolution set to fixed

(In [7038]) Return error when requesting invalid feed format. Props pishmishy. fixes #5446

comment:5   ryan4 years ago

  • Milestone changed from 2.6 to 2.5
Note: See TracTickets for help on using tickets.