From 312d3466098a47a68b326a3af9a69c2a179e30e4 Mon Sep 17 00:00:00 2001 From: Nate Weller Date: Thu, 10 Oct 2024 16:11:25 -0600 Subject: [PATCH] WAF: Handle cases where outdated Waf_Rules_Manager has been autoloaded in standalone mode (#39652) --- .../fix-waf-autoloaded-runner-class-handling | 4 ++ .../packages/waf/src/class-compatibility.php | 44 ++++++++++++++++++- 2 files changed, 46 insertions(+), 2 deletions(-) create mode 100644 projects/packages/waf/changelog/fix-waf-autoloaded-runner-class-handling diff --git a/projects/packages/waf/changelog/fix-waf-autoloaded-runner-class-handling b/projects/packages/waf/changelog/fix-waf-autoloaded-runner-class-handling new file mode 100644 index 0000000000000..d8d7bc0000aff --- /dev/null +++ b/projects/packages/waf/changelog/fix-waf-autoloaded-runner-class-handling @@ -0,0 +1,4 @@ +Significance: patch +Type: fixed + +Improve backwards compatibility for sites running in standalone mode. diff --git a/projects/packages/waf/src/class-compatibility.php b/projects/packages/waf/src/class-compatibility.php index 8f3e6d5634a15..362543a391fb1 100644 --- a/projects/packages/waf/src/class-compatibility.php +++ b/projects/packages/waf/src/class-compatibility.php @@ -16,6 +16,46 @@ */ class Waf_Compatibility { + /** + * Returns the name for the IP allow list enabled/disabled option. + * + * @since $$next-version$$ + * + * @return string + */ + private static function get_ip_allow_list_enabled_option_name() { + /** + * Patch: bootstrap script generated prior to 0.17.0 may have autoloaded Waf_Rules_Manager class during standalone mode execution. + * + * @see peb6dq-2HL-p2 + */ + if ( ! defined( 'Waf_Rules_Manager::IP_ALLOW_LIST_ENABLED_OPTION_NAME' ) ) { + return 'jetpack_waf_ip_allow_list_enabled'; + } + + return Waf_Rules_Manager::IP_ALLOW_LIST_ENABLED_OPTION_NAME; + } + + /** + * Returns the name for the IP block list enabled/disabled option. + * + * @since $$next-version$$ + * + * @return string + */ + private static function get_ip_block_list_enabled_option_name() { + /** + * Patch: bootstrap script generated prior to 0.17.0 may have autoloaded Waf_Rules_Manager class during standalone mode execution. + * + * @see peb6dq-2HL-p2 + */ + if ( ! defined( 'Waf_Rules_Manager::IP_BLOCK_LIST_ENABLED_OPTION_NAME' ) ) { + return 'jetpack_waf_ip_block_list_enabled'; + } + + return Waf_Rules_Manager::IP_BLOCK_LIST_ENABLED_OPTION_NAME; + } + /** * Add compatibilty hooks * @@ -28,8 +68,8 @@ public static function add_compatibility_hooks() { add_filter( 'default_option_' . Waf_Initializer::NEEDS_UPDATE_OPTION_NAME, __CLASS__ . '::default_option_waf_needs_update', 10, 3 ); add_filter( 'default_option_' . Waf_Rules_Manager::IP_ALLOW_LIST_OPTION_NAME, __CLASS__ . '::default_option_waf_ip_allow_list', 10, 3 ); add_filter( 'option_' . Waf_Rules_Manager::IP_ALLOW_LIST_OPTION_NAME, __CLASS__ . '::filter_option_waf_ip_allow_list', 10, 1 ); - add_filter( 'default_option_' . Waf_Rules_Manager::IP_ALLOW_LIST_ENABLED_OPTION_NAME, __CLASS__ . '::default_option_waf_ip_allow_list_enabled', 10, 3 ); - add_filter( 'default_option_' . Waf_Rules_Manager::IP_BLOCK_LIST_ENABLED_OPTION_NAME, __CLASS__ . '::default_option_waf_ip_block_list_enabled', 10, 3 ); + add_filter( 'default_option_' . self::get_ip_allow_list_enabled_option_name(), __CLASS__ . '::default_option_waf_ip_allow_list_enabled', 10, 3 ); + add_filter( 'default_option_' . self::get_ip_block_list_enabled_option_name(), __CLASS__ . '::default_option_waf_ip_block_list_enabled', 10, 3 ); } /**