close
WordPress.org
Get WordPress

Make WordPress Core

Opened 3 weeks ago

Last modified 4 days ago

#64890 reopened defect (bug)

Harden `WP_HTTP_Polling_Sync_Server` endpoint

Reported by: czarate's profile czarate Owned by: peterwilsoncc's profile peterwilsoncc
Milestone: 7.0 Priority: normal
Severity: normal Version: trunk
Component: REST API Keywords: has-patch dev-feedback
Focuses: Cc:

Description

The endpoint defined by WP_HTTP_Polling_Sync_Server can benefit from additional input validation and permission checks in order to accept only the intended input and use cases.

Change History (5)

Image

This ticket was mentioned in PR #11296 on WordPress/wordpress-develop by @czarate.
3 weeks ago #1

  • Keywords has-patch added

Harden WP_HTTP_Polling_Sync_Server endpoints to add additional validation and permission checks.

Props @peterwilsoncc for contributions

#2 Image @westonruter
2 weeks ago

  • Milestone changed from Awaiting Review to 7.0

Image

This ticket was mentioned in Slack in #core by audrasjb. View the logs.
12 days ago

#4 Image @peterwilsoncc
4 days ago

  • Owner set to peterwilsoncc
  • Resolution set to fixed
  • Status changed from new to closed

In 62198:

REST API: Harden Real Time Collaboration endpoint.

Adds additional validation and permission checks the the Real Time Collaboration endpoint to ensure only input in the expected format is supported.

Props czarate, westonruter, joefusco.
Fixes #64890.

#5 Image @peterwilsoncc
4 days ago

  • Keywords dev-feedback added
  • Resolution fixed deleted
  • Status changed from closed to reopened

Reopening for merge consideration to the 7.0 branch pending another committers sign off.

Note: See TracTickets for help on using tickets.