WordPress.org

Make WordPress Core

Opened 10 years ago

Closed 10 years ago

#10372 closed defect (bug) (fixed)

atom: attachment/file/\d doesn't find attachment file

Reported by: mysz Owned by: josephscott
Milestone: 2.8.5 Priority: normal
Severity: normal Version: 2.8.4
Component: AtomPub Keywords: has-patch
Focuses: Cc:
PR Number:

Description

When I try to download some file via AtomPub, I got thousends of warnings in 793 and 794 (wp-app.php) about bad stream. It's because there is no checking about correctness of path, and because there is not full path to upload directory. I attach proposition of patch.

Attachments (2)

wp-app.patch (1.1 KB) - added by mysz 10 years ago.
wp-app.php patch
wp-app.php.diff (993 bytes) - added by josephscott 10 years ago.

Download all attachments as: .zip

Change History (9)

@mysz
10 years ago

wp-app.php patch

#1 @Denis-de-Bernardy
10 years ago

  • Keywords reporter-feedback added
  • Milestone changed from Unassigned to 2.9

can you outline steps to reproduce (server config, software you're using, etc.)?

#2 @mysz
10 years ago

  • Cc marcin@… added

Wordpress from subversion: r11705, IdeaWebServer (home.pl webhosting webserver), PHP as FCGI.
My upload path is /photos.
Now at my desktop i try to play with python:

h = httplib.HTTPConnection ('h2o.sztolcman.eu')
h.set_debuglevel (10)
h.connect ()
h.request ('GET', '/wp-app.php/attachment/file/166', headers={'Authorization': 'Basic '+base64.b64encode ('login:password')})

I enable log in wp-app.php, and I got there warnings I describe before.

With patch I attached, I can download requested file correctly :)

ps. I tried to download file via browser: http://h2o.sztolcman.eu/wp-app.php/attachment/file/166 and I got the same warnings, and file downloading never ends.

#3 @Denis-de-Bernardy
10 years ago

  • Keywords has-patch added; reporter-feedback removed

#4 @josephscott
10 years ago

  • Cc joseph@… added

I was able to duplicate the problem and confirm that the patch fixes it. I couldn't get the diff to apply though so I've uploaded a refreshed version of it.

@mysz can you test my updated version of the patch and make it works for you as well. If so then it should be fine to get committed into -trunk.

If we are going to have a another release from the 2.8 branch then I think this should get committed there as well.

Just FYI you can also fetch the file via the src attribute in the content element. I'm not really sure why AtomPub provides two different URLs to access the same file in this case.

#5 @westi
10 years ago

  • Resolution set to fixed
  • Status changed from new to closed

(In [11810]) Enable the APP attachment file download to work correctly rather than just returning a lot of php notices. Fixes #10372 for trunk props mysz.

#6 @westi
10 years ago

  • Milestone changed from 2.9 to 2.8.5
  • Resolution fixed deleted
  • Status changed from closed to reopened
  • Version set to 2.8.4

Re-open for 2.8 branch inclusion

#7 @westi
10 years ago

  • Resolution set to fixed
  • Status changed from reopened to closed

(In [11811]) Enable the APP attachment file download to work correctly rather than just returning a lot of php notices. Fixes #10372 for 2.8 branch props mysz.

Note: See TracTickets for help on using tickets.