Make WordPress Core

Changeset 49385 for trunk


Ignore:
Timestamp:
10/29/2020 06:02:22 PM (4 years ago)
Author:
desrosj
Message:

XML-RPC: Return error message if attachment ID is incorrect.

Throw an error for incorrect attachment IDs when requesting a media object to ensure return signature is correct and doesn't include incorrectly typed values within the object.

Props zieladam, peterwilsoncc, whyisjake.
Merges [49376] to trunk.
See #49905.

Location:
trunk
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk

  • trunk/src/wp-includes/class-wp-xmlrpc-server.php

    r49380 r49385  
    43124312
    43134313        $attachment = get_post( $attachment_id );
    4314         if ( ! $attachment ) {
     4314        if ( ! $attachment || 'attachment' !== $attachment->post_type ) {
    43154315            return new IXR_Error( 404, __( 'Invalid attachment ID.' ) );
    43164316        }
Note: See TracChangeset for help on using the changeset viewer.