Commit cec0009
PCG: follow redirects on probe loopback to fix "Too many redirects" (#48897)
* PCG: follow redirects on probe loopback to fix "Too many redirects"
The probe was firing with redirects=0, so any 3xx response from the
loopback (force_ssl_admin's http->https bounce on the admin probe,
canonical http->https / trailing-slash on the front-end probe) threw
"Too many redirects" — about 11k of these in logstash. Switching to
redirects=3 lets Requests follow the bounce, re-sending the forwarded
Cookie header on the followed request, so admin auth still validates
and the probe handler still fires at the canonical front-end URL
(WP emits full-URL Location headers so pcg_probe/token survives).
parse_response now classifies:
- Too-many-redirects exception (budget exceeded) -> ok-inconclusive,
matched on WpOrg\Requests\Exception::getType() === 'toomanyredirects'
so a future upstream wording change can't reclassify these.
- 3xx safety net (Requests refused to follow — cross-scheme downgrade,
malformed Location, etc.) -> ok-inconclusive, broadened from the
admin-only 301/302 check that's no longer reachable for the common
cases.
- 2xx with redirect_count > 0 -> ok-inconclusive (destination dropped
our pcg_probe query string), distinguished from the no-redirects 2xx
which still classifies as fatal (real exit/die during bootstrap).
Drop the now-unused $is_admin param on parse_response.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* PCG: bump redirect budget from 3 to 5 to match wp_remote_get default
Absorbs multilingual / 4-hop canonical chains (http -> https -> www ->
trailing-slash -> locale-prefix) without changing the failure mode at
the cap (still ok-inconclusive, non-blocking). Aligns with WP core's
own loopback convention.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* PCG: tighten 'redirects' rationale comment
Drop a few lines while keeping the load-bearing facts: budget aligns
with wp_remote_get's default, what kinds of hops it absorbs, and why
the probe query + auth survive the bounce.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* PCG: update changelog blurb to reflect 5-redirect budget
Stale "up to 3" from the initial commit; bumped to 5 to match
wp_remote_get's default.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* PCG: defer probe transient delete until verdict emits
If force_ssl_admin redirects http->https before admin_init runs, the
loopback follows with the same token but the transient was already
deleted on the first hit, so the follow-up bailed with "Invalid or
expired probe token". Stash the key and delete only inside the
terminal responder; the 30s TTL caps any lingering entries.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* PCG: strip forwarded Cookie on cross-host probe redirect
Now that the loopback follows up to 5 redirects, a misconfigured admin
URL that bounces off-host would leak the forwarded auth cookies to the
third party. Register a per-request requests.before_redirect hook that
drops the Cookie header whenever the redirect target's host differs
from the original admin host.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* PCG: trim probe comments and simplify redirect cookie strip
Drop diff-narrating comments around the redirect/2xx/3xx branches in
parse_response and the redirect budget block. Collapse the case-insensitive
Cookie-header scan in the cross-host redirect hook to a direct unset
(Requests passes through the caller's exact-case key). Rename the closure's
$return param to $return_value to satisfy PHPCS, and realign equals signs.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* PCG: also strip Cookie on same-host https→http redirect
Address review: relative redirects inherit the original origin/scheme,
and https→http on the same host now drops the forwarded Cookie too.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* PCG: case-insensitive Cookie strip in redirect hook
Future-proof against a Requests change that normalizes header keys
before invoking before_redirect: scan req_headers case-insensitively
so the cross-host / scheme-downgrade Cookie strip can't silently
no-op if the key arrives as 'cookie' or 'COOKIE'.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>1 parent 2a188b6 commit cec0009
4 files changed
Lines changed: 110 additions & 16 deletions
File tree
- projects/packages/jetpack-mu-wpcom
- changelog
- src/features/plugin-conflicts-guardian
Lines changed: 4 additions & 0 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
| 1 | + | |
| 2 | + | |
| 3 | + | |
| 4 | + | |
Lines changed: 1 addition & 1 deletion
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
26 | 26 | | |
27 | 27 | | |
28 | 28 | | |
29 | | - | |
| 29 | + | |
30 | 30 | | |
31 | 31 | | |
32 | 32 | | |
| |||
Lines changed: 80 additions & 14 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
60 | 60 | | |
61 | 61 | | |
62 | 62 | | |
63 | | - | |
| 63 | + | |
| 64 | + | |
| 65 | + | |
| 66 | + | |
| 67 | + | |
64 | 68 | | |
65 | 69 | | |
66 | 70 | | |
| |||
73 | 77 | | |
74 | 78 | | |
75 | 79 | | |
76 | | - | |
77 | | - | |
| 80 | + | |
| 81 | + | |
78 | 82 | | |
79 | 83 | | |
80 | 84 | | |
| |||
209 | 213 | | |
210 | 214 | | |
211 | 215 | | |
| 216 | + | |
212 | 217 | | |
213 | 218 | | |
214 | 219 | | |
215 | 220 | | |
216 | 221 | | |
| 222 | + | |
217 | 223 | | |
218 | 224 | | |
219 | 225 | | |
| |||
223 | 229 | | |
224 | 230 | | |
225 | 231 | | |
| 232 | + | |
226 | 233 | | |
227 | 234 | | |
228 | 235 | | |
| |||
232 | 239 | | |
233 | 240 | | |
234 | 241 | | |
235 | | - | |
236 | 242 | | |
237 | 243 | | |
238 | | - | |
| 244 | + | |
239 | 245 | | |
| 246 | + | |
| 247 | + | |
| 248 | + | |
| 249 | + | |
| 250 | + | |
| 251 | + | |
| 252 | + | |
| 253 | + | |
| 254 | + | |
240 | 255 | | |
241 | 256 | | |
242 | 257 | | |
243 | 258 | | |
244 | 259 | | |
245 | 260 | | |
246 | | - | |
247 | | - | |
| 261 | + | |
| 262 | + | |
| 263 | + | |
248 | 264 | | |
249 | 265 | | |
250 | 266 | | |
251 | 267 | | |
252 | 268 | | |
253 | 269 | | |
254 | | - | |
255 | | - | |
256 | | - | |
| 270 | + | |
| 271 | + | |
| 272 | + | |
| 273 | + | |
257 | 274 | | |
258 | 275 | | |
259 | | - | |
| 276 | + | |
260 | 277 | | |
261 | 278 | | |
262 | 279 | | |
| |||
267 | 284 | | |
268 | 285 | | |
269 | 286 | | |
270 | | - | |
271 | | - | |
272 | | - | |
273 | 287 | | |
| 288 | + | |
| 289 | + | |
| 290 | + | |
| 291 | + | |
| 292 | + | |
| 293 | + | |
| 294 | + | |
| 295 | + | |
| 296 | + | |
| 297 | + | |
| 298 | + | |
274 | 299 | | |
275 | 300 | | |
276 | 301 | | |
| |||
309 | 334 | | |
310 | 335 | | |
311 | 336 | | |
| 337 | + | |
| 338 | + | |
| 339 | + | |
| 340 | + | |
| 341 | + | |
| 342 | + | |
| 343 | + | |
| 344 | + | |
| 345 | + | |
| 346 | + | |
| 347 | + | |
| 348 | + | |
| 349 | + | |
| 350 | + | |
| 351 | + | |
| 352 | + | |
| 353 | + | |
| 354 | + | |
| 355 | + | |
| 356 | + | |
| 357 | + | |
| 358 | + | |
| 359 | + | |
| 360 | + | |
| 361 | + | |
| 362 | + | |
| 363 | + | |
| 364 | + | |
| 365 | + | |
| 366 | + | |
| 367 | + | |
| 368 | + | |
| 369 | + | |
| 370 | + | |
| 371 | + | |
| 372 | + | |
| 373 | + | |
| 374 | + | |
| 375 | + | |
| 376 | + | |
| 377 | + | |
312 | 378 | | |
313 | 379 | | |
314 | 380 | | |
| |||
Lines changed: 25 additions & 1 deletion
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
30 | 30 | | |
31 | 31 | | |
32 | 32 | | |
33 | | - | |
34 | 33 | | |
35 | 34 | | |
36 | 35 | | |
37 | 36 | | |
| 37 | + | |
| 38 | + | |
| 39 | + | |
| 40 | + | |
| 41 | + | |
| 42 | + | |
| 43 | + | |
38 | 44 | | |
39 | 45 | | |
40 | 46 | | |
| |||
145 | 151 | | |
146 | 152 | | |
147 | 153 | | |
| 154 | + | |
| 155 | + | |
| 156 | + | |
| 157 | + | |
148 | 158 | | |
149 | 159 | | |
150 | 160 | | |
151 | 161 | | |
152 | 162 | | |
153 | 163 | | |
154 | 164 | | |
| 165 | + | |
| 166 | + | |
| 167 | + | |
| 168 | + | |
| 169 | + | |
| 170 | + | |
| 171 | + | |
| 172 | + | |
| 173 | + | |
| 174 | + | |
| 175 | + | |
| 176 | + | |
| 177 | + | |
| 178 | + | |
155 | 179 | | |
156 | 180 | | |
157 | 181 | | |
| |||
0 commit comments