Wordfence AjaxWatcher problem

Phan Chuong
(@pltchuong)

9 years, 9 months ago

So I have a WP site using jQuery 1.11.3, and having an AJAX request, response an URL like this “https://website.com/blah-blah/”, and it’s failed because of this var responseDOM = $(jqXHR.responseText); from admin.ajaxWatcher.js. The issue is Wordfence consider all response as a DOM and try to find that DOM, which is absolutely fine, however this response has some slashes and cause issue “jquery.js?ver=1.11.3:1502 Uncaught Error: Syntax error, unrecognized expression: https://website.com/blah-blah/”

https://wordpress.org/plugins/wordfence/

Viewing 3 replies - 1 through 3 (of 3 total)

Plugin Author WFMattR
(@wfmattr)

9 years, 9 months ago

Hi Phan Chuong,

Thanks for the report. I’ve sent it on to the dev team (reference number FB2102), and we’ll see if this can be prevented in a future version. Can you tell me if you know the theme or plugin that uses the ajax response that triggers the error? Or can you post the body of the response that causes the error? (If there is any sensitive information, you can replace it with X’s before posting it here.)

If this is currently causing trouble on the site, you can disable the ajaxwatcher script. Near the bottom of the Firewall page on the Wordfence menu, you can turn off the two checkboxes under “Monitor Background Requests for False Positives” — there is one for the front end and one for the wp-admin panel. Turning it off doesn’t reduce security, but if the site has any false positives (blocking ajax requests that appear suspicious but may be ok), you won’t immediately see them.

-Matt R

Aurélien Joahny
(@ajoah)

9 years, 1 month ago

Hi @wfmattr,

Any news about this issue ? Because i have the same problem :/. The JSON response body is :

{"success":false,"data":{"errors":["Le bateau doit \u00eatre li\u00e9 \u00e0 un pays"]}}

It’s my own plugin and i use wp_send_json_error function.
lking57
(@lking57)

8 years, 9 months ago
I saw this today as well. I am trying to code a loop in my theme which retrieves all pages of posts for a category, and I’m not sure the best way to end the loop. I thought looking for the error would do it but there’s an exception in wordfence and it looks like this one.

my javascript code is similar to the following but doesn’t reach the fail method because of the exception
```
var factoids = [];
var $ = jQuery;
var page = 1;
var PER_PAGE = 10;
var category = 7;  // retrieved earlier

function get_factoids() {
    $.getJSON( '/wp-json/wp/v2/posts?page=' + page + '&per_page=' + PER_PAGE +'&categories=' + category )
    .done( function( data ) {
        // collect title renderings from steeps-factoid posts
        for (var i=0; i<data.length; i++) {
            thisfactoid = data[i];
            factoids.push( thisfactoid.title.rendered );
        };

        // if we found some steeps-factoids, try to retrieve the next page
        if ( data.length>0 ) {
            page += 1;
            get_factoids();            
        } 
    })
    .fail(function( jqxhr, textStatus, error ) { 
        // we reached the end of the list
    });
}
```

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Wordfence AjaxWatcher problem’ is closed to new replies.