User-Agent Used When Requesting /wp-admin/execute-pings.php?time= Should not be Blank

[macmanx]

Currently, WordPress (v2.0.3) seems to use a blank user-agent when requesting /wp-admin/execute-pings.php?time=<number>. This is a common technique used by spammers to avoid spam filters. Without a user-agent, requests for files such as this (even if they come from one's own server) can seem very suspicious to the average log-reading user. Similar to the previously reported (and fixed) bug #1713, WordPress should not be employing the use of common spam techniques, and should identify itself with a WordPress user-agent whenever possible.

[error]

I've put in a patch which looks like it fixes the issue.

[error]

wp-includes/functions.php send user agent on execute-pings

[macmanx]

Thanks for the patch, Error! As far as this specific bug is concerned, it worked perfectly with apparently no adverse effects. As expected, /wp-admin/execute-pings.php?time= was requested with a "WordPress/2.0.3" user-agent.

However, at exactly the same time, something from my server sent a GET request for the test post's URL with no user-agent. Since there was no user-agent present, and since it was only requesting the post's URL, I can't tell if it was WordPress or something else.

This bug really shouldn't be limited to /wp-admin/execute-pings.php?time=, and I apologize for titling it as such. WordPress should always identify itself with a "WordPress/<version>" user-agent whenever possible.

[error]

Well, yes, I agree that it should. Unfortunately, WP is still quite full of duplicate code, and more seems to get added all the time. Oh well. Topic for another bug, maybe?

[ryan]

(In [4048]) Don't use blank user agent when pinging. Props error. fixes #2931

[(none)]

Milestone 2.0.4 deleted