#46141 closed task (blessed) (fixed)
Revert PHP error recovery
| Reported by: |
|
Owned by: |
|
|---|---|---|---|
| Milestone: | 5.1 | Priority: | highest omg bbq |
| Severity: | blocker | Version: | 5.1 |
| Component: | Site Health | Keywords: | servehappy has-patch |
| Focuses: | Cc: |
Description
While the WSOD protection and error recovery is super cool, it requires fairly substantial changes (eg, #46130) to address potential security issues.
The direction that #46130 is promising, but it's very late in the release cycle to be making this big a change in behaviour.
To give it an appropriate amount of time to soak, I'm proposing reverting the WSOD protection and error recovery behaviour from trunk, and trying again in WordPress 5.2.
Attachments (1)
Change History (10)
#4
@
7 years ago
- Keywords has-patch added
As mentioned already on Slack, I agree we should take the extra time to polish this feature and mitigate the security concerns, which is the goal of #46130. 46141.diff reverts the feature, while keeping some of the more generic fixes and improvements made for its support in place (e.g. better compatibility of wp_die(), wp_using_themes() function).
#6
@
7 years ago
@flixos90 I know you have reverted this, but we could put the php-error.php drop-in back in?
#8
@
7 years ago
This functionality is broken up into two pieces in my mind.
- The detection of errors and pausing of plugins / themes.
- A message that is displayed to users when the error handles.
Yes, I understand that the error detection and pausing has some security issues. But the displaying of errors could possiblity go in as a different commit. This stop users from seeing a WSOD and with the drop in add functionality to alert maintainer of site.
Important note: the existence of this ticket doesn't imply that a decision has been made. As beta 3 has been delayed to allow for this discussion, I'd like to minimise any further delays: once a decision has been made, we can commit the appropriate patches, and move on with releasing beta 3.