WordPress.org

Make WordPress Core

Opened 4 years ago

Closed 4 years ago

Last modified 4 years ago

#12341 closed defect (bug) (fixed)

Invalid feed type returns 500 HTTP response

Reported by: aaroncampbell Owned by: westi
Milestone: 3.0 Priority: normal
Severity: normal Version:
Component: General Keywords: has-patch commit
Focuses: Cc:

Description

It looks like passing a bad value to the get variable "feed" gives an HTTP response 500 (see http://ma.tt/?feed=1234). That doesn't sound like the right response. It seems like it should be a 40x response. I read the Status Code Definitions, but I'm not totally sure which one is most appropriate. The attached patch changes it to send a 404.

Attachments (1)

12341.001.diff (632 bytes) - added by aaroncampbell 4 years ago.

Download all attachments as: .zip

Change History (7)

aaroncampbell4 years ago

comment:1 follow-up: beaulebens4 years ago

I would agree that it should be either a 404 or a 401 (Bad Request).

comment:2 in reply to: ↑ 1 nacin4 years ago

  • Milestone changed from Unassigned to 3.0

Replying to beaulebens:

I would agree that it should be either a 404 or a 401 (Bad Request).

I imagine you mean 400 -- 401 is for a failed HTTP auth.

404 seems fine to me if we want to be more generic than 400.

comment:3 aaroncampbell4 years ago

Sounds like 404 makes sense then. Can we get this applied?

comment:4 westi4 years ago

  • Keywords commit added; dev-feedback removed
  • Owner set to westi
  • Status changed from new to accepted

404 make sense to me.

What you asked for wasn't found.

comment:5 westi4 years ago

  • Resolution set to fixed
  • Status changed from accepted to closed

(In [13408]) Return a 404 error if the request feed type doesn't exist not a 500. Fixes #12341 props aaroncampbell.

comment:6 aaroncampbell4 years ago

Thanks. Do you think there's any chance of getting this into the 2.9 branch?

I'd like to be able to tell my client (the one where I discovered the issue) that they're safe to do any upgrades...rather than tell them they're safe to upgrade "once 3.0 is out"

Note: See TracTickets for help on using tickets.