projects / civicrm-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a78153f) | patch
WordPress - If we hit a "permission denied" error, return HTTP 403
authorTim Otten <totten@civicrm.org>
Tue, 16 Feb 2021 06:45:36 +0000 (22:45 -0800)
committerTim Otten <totten@civicrm.org>
Tue, 16 Feb 2021 07:44:59 +0000 (23:44 -0800)
commit34d96c0a5cf114a2f0f8d117888f9ba6b113a391
tree74a1aed10af4a1e9ceb5e3b870816eb522804dc8tree | snapshot (zip tar.gz)
parenta78153fcc32040b4c7f75833492a64a070ef22a3commit | diff
WordPress - If we hit a "permission denied" error, return HTTP 403

Overview
--------

On WordPress, any CiviCRM page that produces a "permission denied" sends an
HTTP status code of 200.  This is incorrectly indicates that the page-request was a success.

Before
------

```
$ curl -vv 'http://wpmaster.127.0.0.1.nip.io:8001/civicrm/dashboard' 2>&1 |grep HTTP
> GET /civicrm/dashboard HTTP/1.1
< HTTP/1.1 200 OK
```

After
-----

```
$ curl -vv 'http://wpmaster.127.0.0.1.nip.io:8001/civicrm/dashboard' 2>&1 |grep HTTP
> GET /civicrm/dashboard HTTP/1.1
< HTTP/1.1 403 Forbidden
```
CRM/Utils/System/WordPress.php diff | blob | blame | history