Changeset 9939
- Timestamp:
- 05/29/2020 01:46:45 AM (5 years ago)
- File:
-
- 1 edited
sites/trunk/wordpress.org/public_html/wp-content/mu-plugins/pub/wporg-bad-request.php
r9926 r9939 57 57 if ( 58 58 isset( $_REQUEST['action'], $_REQUEST['email'], $_REQUEST['redirect_fragment'] ) 59 && 'subscribe' === $_REQUEST['action']59 && ( 'subscribe' === $_REQUEST['action'] || isset( $_REQUEST['jetpack_subscriptions_widget'] ) ) 60 60 ) { 61 if ( ! is_string( $_REQUEST[' email'] ) || ! is_string( $_REQUEST['redirect_fragment'] ) ) {61 if ( ! is_string( $_REQUEST['action'] ) || ! is_string( $_REQUEST['email'] ) || ! is_string( $_REQUEST['redirect_fragment'] ) ) { 62 62 die_bad_request( "non-scalar input to Jetpack Subscribe widget" ); 63 63 } … … 73 73 } 74 74 if ( ! isset( $_SERVER['HTTP_REFERER'] ) || ! isset( $_SERVER['HTTP_USER_AGENT'] ) ) { 75 die_bad_request( "Missing referer or user-agent " );75 die_bad_request( "Missing referer or user-agent for Jetpack Contact Form" ); 76 76 } 77 77 foreach ( $_REQUEST as $k => $v ) { 78 if ( 'sample@email.tst' === $v ) {78 if ( 'sample@email.tst' === $v || ( !empty( $v[0] ) && 'sample@email.tst' === $v[0] ) ) { 79 79 die_bad_request( "sample@email.tst input to Jetpack Contact Form" ); 80 80 } 81 81 } 82 82 } 83 } ); 84 85 // bbPress - https://bbpress.trac.wordpress.org/ticket/3373 86 add_action( 'template_redirect', function () { 87 if ( isset( $_REQUEST['action'] ) && is_array( $_REQUEST['action'] ) && function_exists( 'bbpress' ) ) { 88 if ( isset( $_REQUEST['action'][0] ) && 'bbp' === substr( $_REQUEST['action'][0], 0, 3 ) ) { 89 die_bad_request( "non-scalar input to bbPress subactions." ); 90 } 91 } 92 }, 5 ); // before bbp_template_redirect 83 }, 9 ); 93 84 94 85 /**
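Review bot: The array branch of the `sample@email.tst` test in the `foreach ( $_REQUEST as $k => $v )` loop (line 78, the longer of the two variants shown, which reads as the new side) looks only at `$v[0]`, so an array parameter carrying the marker under any other key, or one level deeper, is not rejected. Checking every first-level element behind an explicit type test closes that gap and avoids indexing into strings: `if ( 'sample@email.tst' === $v || ( is_array( $v ) && in_array( 'sample@email.tst', $v, true ) ) ) {`. If nested arrays can reach the contact form handler, a recursive walk would be needed instead; that cannot be confirmed from this hunk. The enclosing callback begins above the visible lines.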