From df9b79e4cdc0ac47eceb21fd9f6e992e863d5663 Mon Sep 17 00:00:00 2001 From: Aaron Jorbin Date: Fri, 4 Oct 2024 17:36:16 +0000 Subject: [PATCH] Bootstrap/Load: Prevent loopback scraping errors when there is no key or nonce. For error detection and rollback functions WordPress also starts a loopback request to the homepage. This loopback request is made with special parameters that when they don't match, generates an erorr. This hardens that flow by exiting out of the check if the nonce or key is missing or the nonce is not saved in the DB. It further hardens it by not caching the failures and asking search engines not to index the url with the failures. Props georgwordpress, swissspidy, jorbin. Fixes #62105. Built from https://develop.svn.wordpress.org/trunk@59171 git-svn-id: http://core.svn.wordpress.org/trunk@58566 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-includes/load.php | 14 +++++++++++++- wp-includes/version.php | 2 +- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/wp-includes/load.php b/wp-includes/load.php index b0b8209235..8c549d3660 100644 --- a/wp-includes/load.php +++ b/wp-includes/load.php @@ -1806,8 +1806,20 @@ function wp_start_scraping_edited_file_errors() { $key = substr( sanitize_key( wp_unslash( $_REQUEST['wp_scrape_key'] ) ), 0, 32 ); $nonce = wp_unslash( $_REQUEST['wp_scrape_nonce'] ); + if ( empty( $key ) || empty( $nonce ) ) { + return; + } - if ( get_transient( 'scrape_key_' . $key ) !== $nonce ) { + $transient = get_transient( 'scrape_key_' . $key ); + if ( false === $transient ) { + return; + } + + if ( $transient !== $nonce ) { + if ( ! headers_sent() ) { + header( 'X-Robots-Tag: noindex' ); + nocache_headers(); + } echo "###### wp_scraping_result_start:$key ######"; echo wp_json_encode( array( diff --git a/wp-includes/version.php b/wp-includes/version.php index e8165bdcac..e0e366b5f4 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -16,7 +16,7 @@ * * @global string $wp_version */ -$wp_version = '6.7-beta1-59170'; +$wp_version = '6.7-beta1-59171'; /** * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.