Make WordPress Core

Opened 6 years ago

Closed 5 years ago

#46086 closed defect (bug) (duplicate)

In WSOD protection, only pause plugins/themes for validated users

Reported by: wfmattr's profile WFMattR Owned by:
Milestone: Priority: normal
Severity: normal Version: 5.1
Component: Bootstrap/Load Keywords:
Focuses: Cc:


Related to #44458, WSOD protection could still potentially be triggered by logged-in users who are not admins on wp-admin/ pages, or anonymous users on at least wp-login.php.

This ticket suggests that when a plugin/theme is added to the "paused" list, it could be paused only for validated users. Validation could be done by emailing the site admin (or all admins/super-admins) a special link with a random string similar to those used in password resets, and clicking the link could set a cookie that allows plugins/themes paused only for their session, including on the login page.

The site could still collect the list of paused plugins/themes the same way it's currently designed, and other users on the site, who may not be having any problems, will still have all plugins and the theme active. Since the original ticket was about trying to prevent WSODs for users updating PHP, and allowing admins to fix the issues that occur in plugins, this helps limit the effect to admins.

Related: a few other tickets will decrease how often pausing occurs, so plugins/themes will be less likely to be paused unnecessarily:

  • #45940 - WSOD protection should disable plugins in fewer situations
  • #46066 - Only pause plugins/themes for persistent errors
  • #45888 - Provide Opt-Out for WSOD Protection

But pausing could still be an issue for plugins/themes that only have a fatal error in limited situations, in some cases including invalid user input. 45940 and 45888 mention concern of attacks where non-admins could cause a plugin/theme to be paused too, and I mentioned similar issues in a comment on #44458. It looks like #45888 is still scheduled for 5.1, but it is not complete yet and only prevents pausing of plugins that add a header, which is good for security plugins, but not other plugins that an admin might consider to be critical to the site's operation. (Non-security plugins might also misuse that header to prevent pausing, to try to work around being paused for uncommon errors.)

Change History (2)

This ticket was mentioned in Slack in #core-php by wfmattr. View the logs.

5 years ago

#2 @flixos90
5 years ago

  • Milestone Awaiting Review deleted
  • Resolution set to duplicate
  • Status changed from new to closed

Hi @WFMattR! Thanks for opening this ticket, and you totally have a valid point. We hadn't spotted this ticket (or speaking for myself, I hadn't seen it until just now). We opened #46130 to address the same problem. Apologies - since that ticket has seen some additional work, I suggest we continue discussion there, and close this one as a duplicate. Please chime in there to give your feedback on the approach!

Note: See TracTickets for help on using tickets.