WordPress.org

Make WordPress Core

Opened 8 months ago

Closed 8 months ago

#46719 closed defect (bug) (duplicate)

fastcgi_finish_request usage in wp-cron.php and 3party plugins

Reported by: Rahe Owned by:
Milestone: Priority: normal
Severity: minor Version: 5.1
Component: Cron API Keywords:
Focuses: Cc:
PR Number:

Description

Hello,

The 5.1 introduce the usage fastcgi_finish_request into wp-cron.php.
But the plugin wp-all-export pro allow to download data by calling directly an wp-cron.php url.

The process check if there is something to be downloaded and if this is the case, makes a wp_redirect call to the right file.

With the usage of fastcgi_finish_request , the connection is closed and the redirect is not spawned.

I don't know if multiple plugins are doing this, but this can be a problem in some cases when needing file streaming or redirections.

Maybe allow to deactivate ?

Nicolas,

Change History (1)

#1 @peterwilsoncc
8 months ago

  • Milestone Awaiting Review deleted
  • Resolution set to duplicate
  • Status changed from new to closed

I'm going to close this as a duplicate of #46417 as it also discusses sending headers after the fastcgi_finish_request() call.

wp-cron.php is intended to execute PHP code on a non-interactive loopback request. To prevent headers being sent on wp-cron, it's recommended to check headers_sent() beforehand:

<?php
if ( ! headers_sent() ) {
        header( 'X-Ticket: 46719' );
        // or redirects, starting sessions, setting cookies, etc.
}

In the case of this particular plugin, a custom endpoint or admin page is the recommended approach. Site users should not be sent to wp-cron.php and expect output.

Note: See TracTickets for help on using tickets.