Make WordPress Core

Opened 2 years ago

Last modified 2 years ago

#37266 new defect (bug)

AJAX uploads fail to complete successfully when a cookie named "action" exists

Reported by: pembo13 Owned by:
Milestone: Awaiting Review Priority: normal
Severity: normal Version: 4.5.3
Component: Administration Keywords:
Focuses: Cc:


When a user has a cookie named "action", AJAX uploads to /wp-admin/async-upload.php fail to define DOING_AJAX because the check 'upload-attachment' === $_REQUEST['action'] since $_REQUEST includes $_COOKIES.

As a result, calling wp_die() at the end of wp_ajax_upload_attachment() results in the standard Wordpress error HTML being appended to the response, and an HTTP 500 error code being returned.

I'm currently seeing this being triggered by the "Calls To Action" plugin. See http://support.inboundnow.com/support/topic/calls-to-action-breaking-wordpress-image-upload/

This probably affects all versions of Wordpress.

Change History (1)

#1 @pembo13
2 years ago

  • Component changed from General to Administration
Note: See TracTickets for help on using tickets.