WordPress.org

Make WordPress Core

Opened 3 years ago

Closed 3 years ago

#37572 closed enhancement (fixed)

When wp-mail.php is disabled, it returns 500 instead of a more appropriate 403 response

Reported by: tomdxw Owned by: SergeyBiryukov
Milestone: 4.7 Priority: normal
Severity: normal Version: 4.5.3
Component: Mail Keywords: has-patch
Focuses: Cc:

Description

To reproduce:

  1. Add this to a theme or a plugin: add_filter('enable_post_by_email_configuration', function () { return false; });
  2. Visit /wp-mail.php

You will get a 500 Internal Server Error.

500 responses are reserved for an "unexpected condition" and therefore are monitored closely by sysadmins. Using 500 responses inappropriately wastes sysadmin time by forcing them to write a rule to ignore 500 responses coming from /wp-mail.php.

A 403 Forbidden status code would be more appropriate as it indicates that "the request is for something forbidden" which is exactly what the message says ("This action has been disabled by the administrator.").

Attachments (1)

37572.diff (534 bytes) - added by Presskopp 3 years ago.

Download all attachments as: .zip

Change History (6)

@Presskopp
3 years ago

#1 @Presskopp
3 years ago

  • Keywords has-patch added

This would be it, i guess.

#2 @lukecavanagh
3 years ago

@Presskopp

The patch applies cleanly without issues.

#3 @cbutlerjr
3 years ago

  • Type changed from defect (bug) to enhancement

#4 @SergeyBiryukov
3 years ago

  • Milestone changed from Awaiting Review to 4.7

#5 @SergeyBiryukov
3 years ago

  • Owner set to SergeyBiryukov
  • Resolution set to fixed
  • Status changed from new to closed

In 38332:

WP Mail: If post-by-email functionality is disabled, wp-mail.php should return a 403 Forbidden status code instead if 500 Internal Server Error.

Props Presskopp, tomdxw.
Fixes #37572.

Note: See TracTickets for help on using tickets.