WordPress.org
Get WordPress

Make WordPress Core

Opened 5 weeks ago

Last modified 5 weeks ago

#62962 new defect (bug)

Comments feed

Reported by: manbo's profile manbo Owned by:
Milestone: Awaiting Review Priority: normal
Severity: normal Version: 6.7.2
Component: Feeds Keywords: reporter-feedback
Focuses: Cc:

Description

Hello.
Normally, a comments feed has a URL like http://example.com/comments/feed/, but even if you access a non-existent URL like http://example.com/abcdefg/feed/, the XML will be displayed.
is_comment_feed() works on this unknown URL, so it's clear that a comment feed is involved.
The XML displayed when the unknown URL is accessed also contains the word Comments, so it's definitely related to a comments feed.

XML excerpt

<title>
Comments on: </title>
<atom:link href="https://192.168.100.100/abcdefg/feed/" rel="self" type="application/rss+xml" />
<link>https://192.168.100.100</link>
<description>TEST</description>
<lastBuildDate>Wed, 12 Feb 2025 10:20:24 +0000</lastBuildDate>
<sy:updatePeriod>
hourly </sy:updatePeriod>
<sy:updateFrequency>
1 </sy:updateFrequency>
<generator>https://wordpress.org/?v=6.7.2</generator>

Change History (3)

#1 @pratiklondhe
5 weeks ago

  • Keywords reporter-feedback added

hi, @manbo , can you elaborate a bit what is the issue is here exactly?

#2 @manbo
5 weeks ago

The problem is that it doesn't return an 404error when accessing a non-existent URL.

#3 @manbo
5 weeks ago

A simple solution


add_action( 'template_redirect', function() {
        if ( is_comment_feed() && esc_url_raw( site_url().$_SERVER['REQUEST_URI'] ) !== get_feed_link( 'comments_rss2' ) ) {
                wp_die( '', '', array( 'response' => 404 ) );
        }
} );
Note: See TracTickets for help on using tickets.