Make WordPress Core

Opened 7 years ago

Last modified 8 months ago

#23017 new defect (bug)

Support for fatal errors on XML-RPC

Reported by: koke Owned by:
Milestone: Priority: normal
Severity: normal Version: 3.5
Component: XML-RPC Keywords: has-patch dev-feedback
Focuses: Cc:
PR Number:


Similar to #16748, when a fatal error occurs, PHP will output some HTML code which at best is confusing for XML-RPC clients.

Using the shutdown action, we could die more gracefully and return a XML-RPC formatted error

Attachments (2)

23017.diff (920 bytes) - added by koke 7 years ago.
23017-set-error-handler.diff (968 bytes) - added by beaucollins 7 years ago.

Download all attachments as: .zip

Change History (11)

7 years ago

#1 @koke
7 years ago

Not sure if the attached patch would be the best implementation, but it's a starting point

#2 @daniloercoli
7 years ago

  • Cc ercoli@… added

#3 @sirzooro
7 years ago

  • Cc sirzooro added

+1 for this.

PHP error should be reported in debug environment only - otherwise this is a potential security issue. Please check if WP_DEBUG is set to true; if not, return some generic error message like "WP internal error" instead.

#4 @redsweater
7 years ago

Very cool idea. I'm definitely excited by anything that would improve the verbosity of errors when connecting via XMLRPC.

sirzooro: Would it be possible to set this up so it reports the PHP error only when the XMLRPC client has authenticated? The vast majority of error-prone activity occurs only after the user has authenticated, where it would make sense to allow verbose error messages to be conveyed to the user through XMLRPC. In this case, I don't think it would be a security issue to pass that along, at least for most WordPress configurations. Perhaps it could be limited to specific user roles.

#5 @SergeyBiryukov
7 years ago

  • Version changed from trunk to 3.5

#6 @beaucollins
7 years ago

Similarly, perhaps we can have the wp_xmlrpc_server use set_error_handler to prevent all non-fatal errors from being dumped to stdout in the event that PHP is configured to report errors to STDOUT.

#7 @beaucollins
7 years ago

  • Cc beaucollins added

#9 @chriscct7
4 years ago

  • Keywords dev-feedback added; mobile removed
Note: See TracTickets for help on using tickets.