
Opened 4 years ago

Last modified 3 weeks ago

#19068 new defect (bug)

admin comment search never resets URL, grows infinitely

Reported by: _ck_ Owned by:
Milestone: Awaiting Review Priority: normal
Severity: normal Version: 3.2.1
Component: Comments Keywords: reporter-feedback
Focuses: administration Cc:

Description

When searching from /wp-admin/edit-comments.php
the URL will grow infinitely and never reset to its base.

To reproduce this bug, simply search comments several times and then examine the resulting URL (by copying it to an editor). It will be over 1000 characters easily, because it's simply appending the previous searches and previous nonces for no useful reason.

Instead the form should just use /wp-admin/edit-comments.php as its submit base.

But that form should not be using GET in the first place.

Allowing overly long URLs is also a security problem as it can give a window for XSS attacks.

I wouldn't be surprised if this design flaw exists in other parts of WP admin but I'll leave that up to someone else who has more patience.
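One mechanism that would produce exactly the growth this report describes, modelled as an added example (not WordPress's own code; the hidden `_wp_http_referer` field name, the nonce name and the URL are assumptions): a GET form only carries state forward when one of its own fields echoes the current query string, so a hidden referer field built from the full URL nests every earlier search term and nonce, whereas stripping those one-shot parameters first keeps the URL bounded.

```javascript
// Constructed model (added example, not WordPress code) of a GET search form
// whose hidden "_wp_http_referer" field is built from the current page URL.
// A GET form's fields *replace* the action URL's query string, so state only
// accumulates when a field echoes the old query; re-embedding the whole URL
// nests every previous search term and nonce, the symptom the ticket reports.
const BASE = 'https://example.test/wp-admin/edit-comments.php'; // constructed

// Browser semantics for submitting a GET form with the given fields.
function submitGet(action, fields) {
  const url = new URL(action);
  url.search = new URLSearchParams(fields).toString();
  return url.toString();
}

// Buggy pattern: referer field = full current path + query string (nests).
function nestingHiddenFields(currentUrl, nonce) {
  const u = new URL(currentUrl);
  return { _wpnonce: nonce, _wp_http_referer: u.pathname + u.search };
}

// Hardened pattern: drop the one-shot parameters before re-embedding the
// referer, so it can never contain an older referer or nonce.
function boundedHiddenFields(currentUrl, nonce) {
  const u = new URL(currentUrl);
  for (const k of ['_wp_http_referer', '_wpnonce']) u.searchParams.delete(k);
  return { _wpnonce: nonce, _wp_http_referer: u.pathname + u.search };
}

// Submit one search per term starting from the bare page; return every URL.
function runSearches(buildHidden, terms) {
  const urls = [];
  let current = BASE;
  terms.forEach((term, i) => {
    current = submitGet(BASE, { ...buildHidden(current, `nonce${i}`), s: term });
    urls.push(current);
  });
  return urls;
}

// Health check: how often a parameter name occurs once all nested percent-
// encoding is undone. A sane list-table URL carries each bookkeeping parameter once.
function countParam(url, name) {
  let decoded = url, prev;
  do { prev = decoded; decoded = decodeURIComponent(decoded); } while (decoded !== prev);
  return (decoded.match(new RegExp('[?&]' + name + '=', 'g')) || []).length;
}

const TERMS = ['spam', 'viagra', 'hello', 'spam', 'test']; // constructed input
console.log(runSearches(nestingHiddenFields, TERMS).map((u) => u.length)); // grows every step
console.log(runSearches(boundedHiddenFields, TERMS).map((u) => u.length)); // stays bounded
```

Running `countParam(url, '_wp_http_referer')` on a captured admin URL is a quick way to tell whether a form is nesting its own referer rather than merely carrying a long search.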

Change History (5)

comment:1 @_ck_ 4 years ago

Sorry, I need to clarify further details to reproduce.

You need to check some of the resulting checkboxes and search (again).

Try a combination of approving some comments and also searching and the URL will keep growing.

Those checkboxes should NOT be submitted via a GET, that form should most certainly be fixed to use POST for that much data.

comment:2 follow-up: @SergeyBiryukov 4 years ago

Switch to GET was done in #16335 to fix sorting of search results.

All list table search boxes currently use GET with an empty action, so we should be consistent here.

I've tried, but couldn't reproduce the issue yet. My steps:

  1. Search for some term to get three or more comments.
  2. Approve a couple of comments in search results using Bulk Actions dropdown.
  3. Search again (for a different term, or the same, doesn't seem to matter).
  4. URL still has only one copy of the query arguments.

comment:3 in reply to: ↑ 2 @_ck_ 4 years ago

Did they seriously switch admin functions that can potentially pass up to several thousand bytes of data to GET via URL just to avoid fixing the sort routine with POST?

That is just dumbfounding. It defies all "best practice" programming techniques not to mention the security issues it can create.

comment:4 @nacin 19 months ago

  • Component changed from Administration to Comments
  • Focuses administration added

comment:5 @tyxla 3 weeks ago

  • Keywords reporter-feedback added

I'm also unable to reproduce this bug.

I've tried combining various actions in a different order - searching for different terms, approving / trashing / marking as spam - but I was unable to reproduce it at all.

@_ck_: Can you please provide step-by-step instructions on how to reproduce this issue?
