Changeset 10471
- Timestamp:
- 11/26/2020 11:52:07 PM (4 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
sites/trunk/wordpress.org/public_html/wp-content/mu-plugins/pub/wporg-bad-request.php
r10403 r10471 109 109 110 110 /** 111 * Detect invalid requests from vulnerability scanners to Jetpack Share by Email forms. 112 */ 113 add_action( 'send_headers', function() { 114 if ( ! isset( $_REQUEST['share'] ) ) { 115 return; 116 } 117 118 $share_by_email_fields = [ 119 'target_email', 120 'source_email', 121 'source_f_name', 122 'source_name', 123 ]; 124 125 foreach ( $share_by_email_fields as $field ) { 126 if ( isset( $_POST[ $field ] ) && ! is_scalar( $_REQUEST[ $field ] ) ) { 127 die_bad_request( "non-scalar $field in Jetpack Share By Email" ); 128 } 129 } 130 } ); 131 132 /** 111 133 * Die with a 400 Bad Request. 112 134 *
Note: See TracChangeset
for help on using the changeset viewer.