Specify a response for more wp_die calls
|Reported by:||aaroncampbell||Owned by:|
Since moving to wp_die(), we've started returning 500 errors (the default) in a lot of cases where we shouldn't (see #12341). For example, wp-comments-post.php gives error messages like 'Error: please fill the required fields (name, email).' and 'Error: please enter a valid email address.' but it sends them with a 500 HTTP response along with them.
Currently wp_die is used 278 times in 86 files. However, we only specify an HTTP response code 3 times:
Once in wp-includes/comment.php, specifying a 403
Twice in wp-includes/functions.php, specifying a 404 and a 403
I can't imagine that there are 275 times that we want to return a 500 response. I'd like to use this ticket to point out specific places this should be changed, and figure out what it should be changed to.
Part of the reason I want to do this, is that I've noticed that automated systems trying to break a site seem to see a 500 error as a clue that they are getting closer to their goal. They seem to pound a lot harder on the scripts that return 500 errors, so I'd like to clean these up and only return them when they're actually appropriate.
Change History (8)
- Milestone Unassigned deleted
- Resolution set to duplicate
- Status changed from new to closed