[wp-testers] WordPress 2.0.7-RC1
Mark Jaquith
mark.wordpress at txfx.net
Thu Jan 11 06:53:41 GMT 2007
I know we said 2.0.6 would be the last release before 2.1 launches,
but a handful of bugs floated to the surface and a PHP security issue
for certain configurations was recently identified, so we're going
forward with a very small 2.0.7 update. Here's our first release
candidate.
http://wordpress.org/beta/wordpress-2.0.7-RC1.zip
Changes:
1. worked around a PHP bug for PHP4 < 4.4.3 and PHP5 < 5.1.4 with
register_globals ON
that could lead to SQL injection or other security breaches
2. Feeds should properly show 304 Not Modified headers (a.k.a. the
FeedBurner bug)
instead of mismatched 200/304 headers
3. Backport of another 304 Not Modified fix from trunk (Etag
mismatch on certain hosts would
cause 200 OK and content to always be served, a waste of bandwidth)
4. Deleting WP Pages no longer gives an "Are You Sure?" prompt
5. After deleting a WP Page, you are properly redirected to the Edit
Pages screen
6. Sending an image at original size in IE no longer adds an
incorrect "height" attribute
And that's it. Test this one NOW. We want to release it as soon as
possible. I'm particularly interested in:
- PHP < 4.3.5 (Apache w/ mod_php, Apache w/ CGI, Apache w/ FastCGI,
IIS)
- IIS
- Lighttpd/LiteSpeed
To test feeds' 304 Not Modified headers, I recommend getting the Live
HTTP Headers extension for Firefox:
http://livehttpheaders.mozdev.org/
A. Warming up:
1. Make sure that Firefox will display feeds (and not pipe them to
an external RSS viewer)
2. Disable any caching plugins on your site like WP-Cache
3. Upload the 2.0.7 files (no need to run an upgrade)
4. Clear your Firefox cache
B. Testing procedure:
1. Open up Live HTTP Headers (Tools > Live HTTP Headers)
2. Visit http://yoursite.com/wp-rss2.php?test=123
3. Verify that the response header for /wp-rss2.php?test=123 is 200 OK
4. Clear the Live HTTP Headers output
5. Reload the feed
6. Verify that the response header for /wp-rss2.php?test=123 is 304
Not Modified
There should be no conflicting Status: header (that is, any Status
header should match the response code of the main HTTP response header).
NOTE: The ?test=123 part is just to make sure that your first request
isn't already cached.
Next, try basic WordPress functions like logging in, writing an
entry, writing a page, and deleting a page.
Let me know how it goes. Please include PHP version, server, and
server API (e.g. PHP 5.2/Apache/FastCGI) If you're unsure about your
headers, paste the Live HTTP Headers output in your response, or send
me your feed's URL to check out.
(BE SURE TO REMOVE ANY COOKIE-RELATED HEADERS! IF YOU ARE UNSURE,
SEND YOUR RESPONSE DIRECTLY TO ME)
--
Mark Jaquith
http://markjaquith.com/
Covered Web Services
http://covered.be/
More information about the wp-testers
mailing list