-
Notifications
You must be signed in to change notification settings - Fork 798
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Comments: Do not use HTTP 500 for non-server errors. #12428
Conversation
Jetpack should not be responding with HTTP 5xx errors when a client makes a bad or unauthorized requests. HTTP 4xx should be used for such requests.
Caution: This PR has changes that must be merged to WordPress.com |
Thank you for the great PR description! When this PR is ready for review, please apply the Scheduled Jetpack release: June 4, 2019. |
Are there any consumers of this error that is expecting a 500 within Jetpack that you're aware of? I can't think of any, but that would be the only reason not to do it (yet). |
I know of none. I do know the Automattic Systems team would like Jetpack (and WordPress in general) to not respond with 500s unless something is actually broken with the server (which is rarely the case by the time PHP is checking this sort of thing). I'm not sure about these 500s specifically, but Jetpack's in general cause false positives for them. |
All of (most of) core's equivalent comment errors return 4xx: https://core.trac.wordpress.org/browser/tags/5.2/src/wp-includes/comment.php#L3114 (Any |
The |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM! Merging.
* Kick off the changelog * Add 7.3.1 * Update date and post link * changelog: add #12219 * changelog: add #12170 * changelog: add #12184 * Changelog: add #12268 * Changelog: add #12081 * Changelog: add #12323 * Changelog: add #12204 * Changelog: add #12269 * Changelog: add #12332 * changelog: add #12339 * changelog: add #12209 * Changelog: add #12319 * Changelog: add #12357 * Changelog: add #12124 * Changelog: add #12373 * Changelog: add #12252 * Changelog: add #12383 * Changelog: add #12372 * changelog: add #12337 * Changelog: add #12290 * Changelog: add #12301 * Changelog: add #12061 * Testing list: add instructions for #12061 * Changelog: add #12393 * Update minimum supported version See #12287 * Changelog: add #12406 * Testing list: add #12406 * Changelog: add #12277 * Changelog: add #12412 * Changelog: add #11318 * Changelog: add #12328 * Changelog: add #12425 * Changelog: add #12380 * Changelog: add #12428 * Changelog: add #12414 * Changelog: add #12395 * Changelog & Testing list: add #12416, #12417, #12418, and #12348 * changelog: add #12379 * Changelog: add #12341 * changelog: add #12444 * Changelog: add #12434 * Changelog: add #12454 * Changelog: add #12460 * Changelog: add #12463 * Changelog: add #12457 * Changelog / testing list: add #10333 * Changelog: add #12467 Co-authored-by: Jeremy Herve <jeremy@jeremy.hu>
Related Trac ticket for |
r206694-wpcom |
Changes proposed in this Pull Request:
Jetpack should not be responding with HTTP 5xx errors when a client makes a bad or unauthorized requests. HTTP 4xx should be used for such requests.
Testing instructions:
It's annoying. Do the following for both
master
and this branch (update/comments-should-not-die-with-500
).In master, you'll see the wp-comments-post.php request has a 500 response. In this branch, you'll see a 400.
Remember to undo the hack from step 1 :)
Proposed changelog entry for your changes: