Changeset 44717 for trunk/src/wp-includes/load.php

Timestamp:

01/30/2019 11:00:30 AM (4 years ago)

Author:

flixos90

Message:

Bootstrap/Load: Revert fatal error recovery mechanism from 5.1 to polish for 5.2.

Due to the high number of follow-up tickets and associated security concerns, it was decided to reschedule the fatal error recovery feature for WordPress 5.2, in order to address these issues properly. The feature will continue to be developed, with iterations being merged into trunk early in the 5.2 release cycle.

Fixes #46141. See #44458, #45932, #45940, #46038, #46047, #46068.

File:

• trunk/src/wp-includes/load.php (modified) (3 diffs)

trunk/src/wp-includes/load.php

@@ -698 +698 @@
     }
 
-    /*
-     * Remove plugins from the list of active plugins when we're on an endpoint
-     * that should be protected against WSODs and the plugin is paused.
-     */
-    if ( is_protected_endpoint() ) {
-        $plugins = wp_skip_paused_plugins( $plugins );
-    }
-
-    return $plugins;
-}
-
-/**
- * Filters a given list of plugins, removing any paused plugins from it.
- *
- * @since 5.1.0
- *
- * @param array $plugins List of absolute plugin main file paths.
- * @return array Filtered value of $plugins, without any paused plugins.
- */
-function wp_skip_paused_plugins( array $plugins ) {
-    $paused_plugins = wp_paused_plugins()->get_all();
-
-    if ( empty( $paused_plugins ) ) {
-        return $plugins;
-    }
-
-    foreach ( $plugins as $index => $plugin ) {
-        list( $plugin ) = explode( '/', plugin_basename( $plugin ) );
-
-        if ( array_key_exists( $plugin, $paused_plugins ) ) {
-            unset( $plugins[ $index ] );
-
-            // Store list of paused plugins for displaying an admin notice.
-            $GLOBALS['_paused_plugins'][ $plugin ] = $paused_plugins[ $plugin ];
-        }
-    }
-
     return $plugins;
 }
@@ -762 +725 @@
 
     $themes[] = TEMPLATEPATH;
-
-    /*
-     * Remove themes from the list of active themes when we're on an endpoint
-     * that should be protected against WSODs and the theme is paused.
-     */
-    if ( is_protected_endpoint() ) {
-        $themes = wp_skip_paused_themes( $themes );
-
-        // If no active and valid themes exist, skip loading themes.
-        if ( empty( $themes ) ) {
-            add_filter( 'wp_using_themes', '__return_false' );
-        }
-    }
-
-    return $themes;
-}
-
-/**
- * Filters a given list of themes, removing any paused themes from it.
- *
- * @since 5.1.0
- *
- * @param array $themes List of absolute theme directory paths.
- * @return array Filtered value of $themes, without any paused themes.
- */
-function wp_skip_paused_themes( array $themes ) {
-    $paused_themes = wp_paused_themes()->get_all();
-
-    if ( empty( $paused_themes ) ) {
-        return $themes;
-    }
-
-    foreach ( $themes as $index => $theme ) {
-        $theme = basename( $theme );
-
-        if ( array_key_exists( $theme, $paused_themes ) ) {
-            unset( $themes[ $index ] );
-
-            // Store list of paused themes for displaying an admin notice.
-            $GLOBALS['_paused_themes'][ $theme ] = $paused_themes[ $theme ];
-        }
-    }
 
     return $themes;
@@ -1291 +1212 @@
 
 /**
- * Determines whether we are currently on an endpoint that should be protected against WSODs.
- *
- * @since 5.1.0
- *
- * @return bool True if the current endpoint should be protected.
- */
-function is_protected_endpoint() {
-    // Protect login pages.
-    if ( isset( $GLOBALS['pagenow'] ) && 'wp-login.php' === $GLOBALS['pagenow'] ) {
-        return true;
-    }
-
-    // Protect the admin backend.
-    if ( is_admin() && ! wp_doing_ajax() ) {
-        return true;
-    }
-
-    // Protect AJAX actions that could help resolve a fatal error should be available.
-    if ( is_protected_ajax_action() ) {
-        return true;
-    }
-
-    /**
-     * Filters whether the current request is against a protected endpoint.
-     *
-     * This filter is only fired when an endpoint is requested which is not already protected by
-     * WordPress core. As such, it exclusively allows providing further protected endpoints in
-     * addition to the admin backend, login pages and protected AJAX actions.
-     *
-     * @since 5.1.0
-     *
-     * @param bool $is_protected_endpoint Whether the currently requested endpoint is protected. Default false.
-     */
-    return (bool) apply_filters( 'is_protected_endpoint', false );
-}
-
-/**
- * Determines whether we are currently handling an AJAX action that should be protected against WSODs.
- *
- * @since 5.1.0
- *
- * @return bool True if the current AJAX action should be protected.
- */
-function is_protected_ajax_action() {
-    if ( ! wp_doing_ajax() ) {
-        return false;
-    }
-
-    if ( ! isset( $_REQUEST['action'] ) ) {
-        return false;
-    }
-
-    $actions_to_protect = array(
-        'edit-theme-plugin-file', // Saving changes in the core code editor.
-        'heartbeat',              // Keep the heart beating.
-        'install-plugin',         // Installing a new plugin.
-        'install-theme',          // Installing a new theme.
-        'search-plugins',         // Searching in the list of plugins.
-        'search-install-plugins', // Searching for a plugin in the plugin install screen.
-        'update-plugin',          // Update an existing plugin.
-        'update-theme',           // Update an existing theme.
-    );
-
-    /**
-     * Filters the array of protected AJAX actions.
-     *
-     * This filter is only fired when doing AJAX and the AJAX request has an 'action' property.
-     *
-     * @since 5.1.0
-     *
-     * @param array $actions_to_protect Array of strings with AJAX actions to protect.
-     */
-    $actions_to_protect = (array) apply_filters( 'wp_protected_ajax_actions', $actions_to_protect );
-
-    if ( ! in_array( $_REQUEST['action'], $actions_to_protect, true ) ) {
-        return false;
-    }
-
-    return true;
-}
-
-/**
  * Determines whether the current request is a WordPress cron request.
  *