Make WordPress Core

Opened 6 years ago

Closed 6 years ago

Last modified 5 years ago

#46141 closed task (blessed) (fixed)

Revert PHP error recovery

Reported by: pento's profile pento Owned by: flixos90's profile flixos90
Milestone: 5.1 Priority: highest omg bbq
Severity: blocker Version: 5.1
Component: Site Health Keywords: servehappy has-patch
Focuses: Cc:

Description

While the WSOD protection and error recovery is super cool, it requires fairly substantial changes (eg, #46130) to address potential security issues.

The direction that #46130 is promising, but it's very late in the release cycle to be making this big a change in behaviour.

To give it an appropriate amount of time to soak, I'm proposing reverting the WSOD protection and error recovery behaviour from trunk, and trying again in WordPress 5.2.

Attachments (1)

46141.diff (54.9 KB) - added by flixos90 6 years ago.

Download all attachments as: .zip

Change History (10)

#1 @pento
6 years ago

Important note: the existence of this ticket doesn't imply that a decision has been made. As beta 3 has been delayed to allow for this discussion, I'd like to minimise any further delays: once a decision has been made, we can commit the appropriate patches, and move on with releasing beta 3.

#2 @pento
6 years ago

  • Keywords servehappy added

#3 @pento
6 years ago

  • Owner changed from pento to flixos90

@flixos90
6 years ago

#4 @flixos90
6 years ago

  • Keywords has-patch added

As mentioned already on Slack, I agree we should take the extra time to polish this feature and mitigate the security concerns, which is the goal of #46130. 46141.diff reverts the feature, while keeping some of the more generic fixes and improvements made for its support in place (e.g. better compatibility of wp_die(), wp_using_themes() function).

#5 @flixos90
6 years ago

  • Resolution set to fixed
  • Status changed from assigned to closed

In 44717:

Bootstrap/Load: Revert fatal error recovery mechanism from 5.1 to polish for 5.2.

Due to the high number of follow-up tickets and associated security concerns, it was decided to reschedule the fatal error recovery feature for WordPress 5.2, in order to address these issues properly. The feature will continue to be developed, with iterations being merged into trunk early in the 5.2 release cycle.

Fixes #46141. See #44458, #45932, #45940, #46038, #46047, #46068.

#6 @spacedmonkey
6 years ago

@flixos90 I know you have reverted this, but we could put the php-error.php drop-in back in?

#7 @flixos90
6 years ago

@spacedmonkey Why? It's not used as long as the WSOD protection isn't there.

#8 @spacedmonkey
6 years ago

This functionality is broken up into two pieces in my mind.

  1. The detection of errors and pausing of plugins / themes.
  2. A message that is displayed to users when the error handles.

Yes, I understand that the error detection and pausing has some security issues. But the displaying of errors could possiblity go in as a different commit. This stop users from seeing a WSOD and with the drop in add functionality to alert maintainer of site.

#9 @spacedmonkey
5 years ago

  • Component changed from Bootstrap/Load to Site Health
Note: See TracTickets for help on using tickets.