Unable to capture WooCommerce REST API request which is causing PHP error

Question

. 。 Answers to this question are eligible for a +50 reputation bounty. Robbie Lewis wants to to this question: 这个问题：

Looking for any lateral solution that would help us to capture the API request coming into an apache web server.

I have a third party application which inserts product data to WooCommerce via the REST API. The third party application does not log outbound API requests.

The third party application is making a request to WooCommerce which is causing a PHP error.

[16-Jan-2023 14:52:23 UTC] PHP Fatal error:  Uncaught TypeError: preg_match(): Argument #2 ($subject) must be of type string, WP_REST_Request given in /home/CENSORED/public_html/wp-includes/formatting.php:1596
Stack trace:
#0 /home/CENSORED/public_html/wp-includes/formatting.php(1596): preg_match('/[\\x80-\\xff]/', Object(WP_REST_Request))
#1 /home/CENSORED/public_html/wp-includes/formatting.php(2207): remove_accents(Object(WP_REST_Request))
#2 /home/CENSORED/public_html/wp-includes/class-wp-hook.php(310): sanitize_title(Object(WP_REST_Request))
#3 /home/CENSORED/public_html/wp-includes/plugin.php(205): WP_Hook->apply_filters(Object(WP_REST_Request), Array)
#4 /home/CENSORED/public_html/wp-includes/taxonomy.php(1751): apply_filters('pre_term_slug', Object(WP_REST_Request), 'pa_colour')
#5 /home/CENSORED/public_html/wp-includes/taxonomy.php(1653): sanitize_term_field('slug', Object(WP_REST_Request), 0, 'pa_colour', 'db')
#6 /home/CENSORED/public_html/wp-includes/taxonomy.php(2385): sanitize_term(Array, 'pa_colour', 'db')
#7 /home/CENSORED/public_html/wp-content/plugins/woocommerce/includes/rest-api/Controllers/Version3/class-wc-rest-terms-controller.php(407): wp_insert_term('DENIM BLUE', 'pa_colour', Array)
#8 /home/CENSORED/public_html/wp-includes/rest-api/class-wp-rest-server.php(1171): WC_REST_Terms_Controller->create_item(Object(WP_REST_Request))
#9 /home/CENSORED/public_html/wp-includes/rest-api/class-wp-rest-server.php(1018): WP_REST_Server->respond_to_request(Object(WP_REST_Request), '/wc/v2/products...', Array, NULL)
#10 /home/CENSORED/public_html/wp-includes/rest-api/class-wp-rest-server.php(442): WP_REST_Server->dispatch(Object(WP_REST_Request))
#11 /home/CENSORED/public_html/wp-includes/rest-api.php(410): WP_REST_Server->serve_request('/wc/v2/products...')
#12 /home/CENSORED/public_html/wp-includes/class-wp-hook.php(308): rest_api_loaded(Object(WP))
#13 /home/CENSORED/public_html/wp-includes/class-wp-hook.php(332): WP_Hook->apply_filters(NULL, Array)
#14 /home/CENSORED/public_html/wp-includes/plugin.php(565): WP_Hook->do_action(Array)
#15 /home/CENSORED/public_html/wp-includes/class-wp.php(399): do_action_ref_array('parse_request', Array)
#16 /home/CENSORED/public_html/wp-includes/class-wp.php(780): WP->parse_request('')
#17 /home/CENSORED/public_html/wp-includes/functions.php(1332): WP->main('')
#18 /home/CENSORED/public_html/wp-blog-header.php(16): wp()
#19 /home/CENSORED/public_html/index.php(17): require('/home/CENSORED...')
#20 {main}
thrown in /home/CENSORED/public_html/wp-includes/formatting.php on line 1596

I believe the PHP error is a bug that needs to be reported to WooCommerce and/or WordPress. I am unable to capture the contents of the request so that I can provide steps to reproduce for the bug report.

I am testing on a completely blank and up-to-date installation of WordPress and WooCommerce with no other plugins (except those mentioned below).

I have tried:

• Looking in the Apache access log, the request body is not included
• Using this plugin https://wordpress.org/plugins/wp-rest-api-log/ but it does not capture the request. It captures valid requests, but not the request that causes the error
• Using this plugin https://wordpress.org/plugins/log-http-requests/ it does not appear to capture REST API requests
• Using this code https://iandunn.name/2016/02/05/logging-wordpress-rest-api-errors/ it does not add any content to the error_log when the error occurs. I fired other invalid requests to the REST API and it did work, so I can only assume that the request is a valid REST API request syntactically and the resulting error is an internal PHP bug.

How can I capture the full request so that I can confirm this is a WooCommerce or WordPress bug and report to the appropriate github?

Answer 1

I suggest: "debugging by printf" or "debugging by print_r " in this special case.

Edit /home/CENSORED/public_html/index.php and insert just before line 17:

syslog(LOG_ERROR, print_r($_GET, TRUE));
syslog(LOG_ERROR, print_r($_POST, TRUE));

depending on the request type your plugin fires, the content should appear in one of these log outputs.

You could also go to /home/CENSORED/public_html/wp-includes/formatting.php and insert before line 1596:

syslog(LOG_ERROR, print_r($text, TRUE));

to get the malformed string variable.

After doing so, you should be able to find the log lines in the server's syslog via:

tail -f /var/log/syslog

If you unfortunately don't have access to the wp source code on the server machine, you should capture the request on the desktop machine which is running the plugin via Wireshark or TShark . I wouldn't blame it overkill. By filtering the capture by server IP, protocol http and method ( http.request.method == GET or http.request.method == POST ) the heart of the matter should be revealed soon (Maybe you have to reset the request scheme from https to http ).