Return meaningful HTTP response for comment submitted with no POST body
|Reported by:||niallkennedy||Owned by:|
A POST request to wp-comments-post.php currently returns a HTTP 200 response with an empty body if the body of the request was empty.
The server should die quickly and instruct the requesting agent not to repeat the request without modifications if minimum necessary key(s) are not present on $_POST.
I believe the possible creation of a comment requires at least a comment_post_ID. It's also the first $_POST key checked in the script. If the POST did not supply a comment_post_ID let's stop processing and provide a meaningful response. HTTP 400 Bad Request communicating the failure. Due to the spammy nature of the requestors we may or may not want to provide variable hints in the response.
Change History (6)
- Severity changed from normal to trivial
- Type changed from defect (bug) to enhancement