Make WordPress Core

Opened 5 weeks ago

Last modified 5 weeks ago

#44108 reviewing enhancement

wp-admin/load-styles.php returns 200 status code and empty response if required GET parameter is missing or invalid

Reported by: compilenix Owned by: johnbillion
Milestone: 5.0 Priority: low
Severity: major Version:
Component: Script Loader Keywords: has-patch dev-feedback needs-testing
Focuses: Cc:


It happend to me that a nginx reverse proxy did cut off all query parameters. This resulted in no CSS and JS for the WP backend / login.

Because the request was manipulated by a (reverse-) proxy i wasn't able to see that the request passed to wordpress was indeed "invalid", beacuse the load[] parameter is required to do something meaningful.

I want to add a small patch which checks if the load[] parameter is set and is formally valid. In the case where the load[] parameter isn't valid there should be an appropiate indicator that there is something wrong. With this I'm aiming to make it easier, for a developer or system administrator, to find this kind of "error".

Attachments (1)

44108.diff (2.8 KB) - added by compilenix 5 weeks ago.

Download all attachments as: .zip

Change History (4)

5 weeks ago

This ticket was mentioned in Slack in #core-committers by compilenix. View the logs.

5 weeks ago

#2 @swissspidy
5 weeks ago

  • Component changed from General to Script Loader
  • Keywords has-patch dev-feedback needs-testing added

#3 @johnbillion
5 weeks ago

  • Milestone changed from Awaiting Review to 5.0
  • Owner set to johnbillion
  • Priority changed from normal to low
  • Severity changed from trivial to major
  • Status changed from new to reviewing
  • Version trunk deleted

Thanks for the patch, @compilenix, and welcome to WordPress Trac!

Note: See TracTickets for help on using tickets.