WordPress.org
Get WordPress

Make WordPress Core

Changes between Initial Version and Version 1 of Ticket #37863, comment 4


Ignore:
Timestamp:
08/30/2016 01:38:55 AM (9 years ago)
Author:
SergeyBiryukov
Comment:

Legend:

Unmodified
Added
Removed
Modified

  • Ticket #37863, comment 4

    initial v1  
    1 Read my [original feedback to the support forum][https://wordpress.org/support/topic/wp-comments-postphp-
    2 http-version] for which the originator of this bug report decided to create a ticket for.
     1Read my [https://wordpress.org/support/topic/wp-comments-postphp-http-version original feedback to the support forum] for which the originator of this bug report decided to create a ticket for.
    32
    43The code above is wrong.
     
    872) There is no future support in place with this code. The code above falls apart as newer HTTP versions come out (HTTP 2.01, HTTP 3, etc) which then results in returning HTTP 1.0 error messages.
    98
    10 3) Further, <a href="https://tools.ietf.org/html/rfc2145#section-2.3">RFC 2145 says</a>
     93) Further, [https://tools.ietf.org/html/rfc2145#section-2.3 RFC 2145 says]:
    1110
    12 "An HTTP server SHOULD send a response version equal to the highest
    13 version for which the server is at least conditionally compliant, and
    14 whose major version is less than or equal to the one received in the
    15 request.  An HTTP server MUST NOT send a version for which it is not
    16 at least conditionally compliant.  A server MAY send a 505 (HTTP
    17 Version Not Supported) response if cannot send a response using the
    18 major version used in the client's request."
     11 "An HTTP server SHOULD send a response version equal to the highest
     12 version for which the server is at least conditionally compliant, and
     13 whose major version is less than or equal to the one received in the
     14 request.  An HTTP server MUST NOT send a version for which it is not
     15 at least conditionally compliant.  A server MAY send a 505 (HTTP
     16 Version Not Supported) response if cannot send a response using the
     17 major version used in the client's request."
    1918
    20 You must trust what is returned in $_SERVER['SERVER_PROTOCOL'].
    21 
     19You must trust what is returned in `$_SERVER['SERVER_PROTOCOL']`.
     20{{{
    2221<?php
    2322if ('POST' != $_SERVER['REQUEST_METHOD']) {
     
    2827}
    2928?>
    30 
     29}}}
    3130If someone visits the post comment URL with different HTTP Methods (DELETE, GET, PUT, etc.) and you tell them you support HTTP 1.0, you are misleading them, especially if it is a service that now is going to think only HTTP 1.0 is the way to post comments.