WordPress.org

Make WordPress Core

Opened 15 months ago

Closed 15 months ago

Last modified 12 months ago

#46950 closed defect (bug) (fixed)

Recovery Mode email being sent on non-protected endpoints

Reported by: TimothyBlynJacobs Owned by: TimothyBlynJacobs
Milestone: 5.2 Priority: high
Severity: major Version: 5.2
Component: Site Health Keywords: servehappy has-patch needs-testing commit
Focuses: Cc:

Description

At some point during the shuffle, usage of the is_protected_endpoint function was dropped. We should decide whether this should be reintroduced or the function removed.

At one point we discussed only sending the Recovery Mode email if the error occurs in a protected endpoint. Then, once the user is in recovery mode, any fatal errors ( even if they aren't in a protected endpoint ) are handled and the plugin will be paused. The idea being to reduce the potential email noise to places where the fatal error could be interfering with the login and WP-Admin experience.

Attachments (2)

46950.diff (592 bytes) - added by TimothyBlynJacobs 15 months ago.
46950.2.diff (811 bytes) - added by spacedmonkey 15 months ago.

Download all attachments as: .zip

Change History (15)

This ticket was mentioned in Slack in #core-php by timothybjacobs. View the logs.


15 months ago

#2 @TimothyBlynJacobs
15 months ago

I've added a patch which implements only sending the email if the error occurs on a protected endpoint.

Related slack meeting: https://wordpress.slack.com/archives/C60K3MP2Q/p1551110798043600

#3 @desrosj
15 months ago

  • Milestone changed from Awaiting Review to 5.2

#4 @JeffPaul
15 months ago

  • Keywords has-patch needs-testing added

This ticket was mentioned in Slack in #core-php by timothybjacobs. View the logs.


15 months ago

#6 @TimothyBlynJacobs
15 months ago

This was unintentionally dropped in this commit to the original PR, https://github.com/wp-core-php/wordpress-develop/pull/6/commits/917226bcd9d5a73e470f08d4ab7ab8efb0e7c4c4, when we reorganized.

This ticket was mentioned in Slack in #core-php by miss_jwo. View the logs.


15 months ago

#8 @TimothyBlynJacobs
15 months ago

This was discussed in #core-php, https://wordpress.slack.com/archives/C60K3MP2Q/p1555512749148500, and it looks like the path forward is to add the check to not send the email on protected endpoints.

In addition, the error template would be modified so that when on a protected endpoint to indicate to the user that they can check the admin email address for further instructions. The exact language to use is being worked on.

ie going from The site is experiencing technical difficulties. to something like The site is experiencing technical difficulties. Please check your site admin email inbox for instructions.

Importantly, this screen can be shown to any user, not necessarily the site admin themselves.

#9 @SergeyBiryukov
15 months ago

In 45238:

Bootstrap/Load: Only send the recovery mode email if the error occurs on a protected endpoint.

This reduces the potential email noise to places where the fatal error could be interfering with the login and admin experience.

Once the user is in recovery mode, any fatal errors (even if they aren't in a protected endpoint) are handled and the plugin or theme will be paused.

Props TimothyBlynJacobs.
See #46950.

#10 @spacedmonkey
15 months ago

  • Keywords commit added
  • Priority changed from normal to high

In 46950.2.diff includes text changes agreed in #core-php chat. See comment #8.

These need to committed asap because of the string freeze.

This ticket was mentioned in Slack in #core-php by spacedmonkey. View the logs.


15 months ago

#12 @SergeyBiryukov
15 months ago

  • Resolution set to fixed
  • Status changed from assigned to closed

In 45263:

Bootstrap/Load: Modify the fatal error template to indicate to the user that they can check the admin email address for further instructions.

Props spacedmonkey, TimothyBlynJacobs.
Fixes #46950.

#13 @spacedmonkey
12 months ago

  • Component changed from Bootstrap/Load to Site Health
Note: See TracTickets for help on using tickets.