Make WordPress Core

Opened 12 years ago

Closed 5 years ago

#23017 closed defect (bug) (fixed)

Support for fatal errors on XML-RPC

Reported by: koke's profile koke Owned by:
Milestone: 5.2 Priority: normal
Severity: normal Version: 3.5
Component: XML-RPC Keywords: has-patch
Focuses: Cc:

Description

Similar to #16748, when a fatal error occurs, PHP will output some HTML code which at best is confusing for XML-RPC clients.

Using the shutdown action, we could die more gracefully and return a XML-RPC formatted error

Attachments (2)

23017.diff (920 bytes) - added by koke 12 years ago.
23017-set-error-handler.diff (968 bytes) - added by beaucollins 12 years ago.

Download all attachments as: .zip

Change History (12)

@koke
12 years ago

#1 @koke
12 years ago

Not sure if the attached patch would be the best implementation, but it's a starting point

#2 @daniloercoli
12 years ago

  • Cc ercoli@… added

#3 @sirzooro
12 years ago

  • Cc sirzooro added

+1 for this.

PHP error should be reported in debug environment only - otherwise this is a potential security issue. Please check if WP_DEBUG is set to true; if not, return some generic error message like "WP internal error" instead.

#4 @redsweater
12 years ago

Very cool idea. I'm definitely excited by anything that would improve the verbosity of errors when connecting via XMLRPC.

sirzooro: Would it be possible to set this up so it reports the PHP error only when the XMLRPC client has authenticated? The vast majority of error-prone activity occurs only after the user has authenticated, where it would make sense to allow verbose error messages to be conveyed to the user through XMLRPC. In this case, I don't think it would be a security issue to pass that along, at least for most WordPress configurations. Perhaps it could be limited to specific user roles.

#5 @SergeyBiryukov
12 years ago

  • Version changed from trunk to 3.5

#6 @beaucollins
12 years ago

Similarly, perhaps we can have the wp_xmlrpc_server use set_error_handler to prevent all non-fatal errors from being dumped to stdout in the event that PHP is configured to report errors to STDOUT.

#7 @beaucollins
12 years ago

  • Cc beaucollins added

#9 @chriscct7
9 years ago

  • Keywords dev-feedback added; mobile removed

#10 @ocean90
5 years ago

  • Keywords dev-feedback removed
  • Milestone set to 5.2
  • Resolution set to fixed
  • Status changed from new to closed

Fixed in [44973]/#44458.

Note: See TracTickets for help on using tickets.