Bug #23152
closedCritical Error on Site
0%
Description
Hi All,
I am meeting with a faculty member and we cannot access the front end of their site and we get the error "There has been a critical error on this website."
https://msh245.commons.gc.cuny.edu/
Can you look into this issue?
Thanks,
Laurie
Updated by Laurie Hurson 5 months ago
WE changed the site to public and this resolved this issue, I think this may be related to S3 images issues. The site is on a theme that was randomizing the header images on new load and perhaps this caused the error when it was private?
Updated by Raymond Hoh 5 months ago
Looking through the error logs, the error is related to the random header:
[11-Aug-2025 18:16:08 UTC] PHP Fatal error: Uncaught ArgumentCountError: 5 arguments are required, 3 given in /var/www/webroot/ROOT/wp-includes/theme.php:1414
Stack trace:
#0 /var/www/webroot/ROOT/wp-includes/theme.php(1414): sprintf()
#1 /var/www/webroot/ROOT/wp-includes/theme.php(1435): _get_random_header_data()
#2 /var/www/webroot/ROOT/wp-includes/theme.php(1228): get_random_header_image()
#3 /var/www/webroot/ROOT/wp-includes/theme.php(1210): get_header_image()
#4 /var/www/webroot/ROOT/wp-content/themes/twentyseventeen/inc/template-functions.php(38): has_header_image()
#5 /var/www/webroot/ROOT/wp-includes/class-wp-hook.php(326): twentyseventeen_body_classes()
#6 /var/www/webroot/ROOT/wp-includes/plugin.php(205): WP_Hook->apply_filters()
#7 /var/www/webroot/ROOT/wp-includes/post-template.php(866): apply_filters()
#8 /var/www/webroot/ROOT/wp-includes/post-template.php(622): get_body_class()
#9 /var/www/webroot/ROOT/wp-content/themes/twentyseventeen/header.php(25): body_class()
#10 /var/www/webroot/ROOT/wp-includes/template.php(810): require_once('...')
#11 /var/www/webroot/ROOT/wp-includes/template.php(745): load_template()
#12 /var/www/webroot/ROOT/wp-includes/general-template.php(48): locate_template()
#13 /var/www/webroot/ROOT/wp-content/themes/twentyseventeen/front-page.php(15): get_header()
#14 /var/www/webroot/ROOT/wp-includes/template-loader.php(106): include('...')
#15 /var/www/webroot/ROOT/wp-blog-header.php(19): require_once('...')
#16 /var/www/webroot/ROOT/index.php(17): require('...')
#17 {main}
thrown in /var/www/webroot/ROOT/wp-includes/theme.php on line 1414
The issue is related to S3 because when the site switches to private, some S3 signature parameters are added to the header image URL:
Before:
https://s3.amazonaws.com/files.commons.gc.cuny.edu/wp-content/blogs.dir/22608/files/2022/08/Biggie-768x432-1.jpg
After:
https://s3.amazonaws.com/files.commons.gc.cuny.edu/wp-content/blogs.dir/22608/files/2022/08/Biggie-768x432-1.jpg?X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAZUO33UBRWHMWHNJB%2F20250811%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20250811T194557Z&X-Amz-SignedHeaders=host&X-Amz-Expires=21600&X-Amz-Signature=2541b1dddd8475b066e878eaa92975e3fce6ed1104618535d61ea455a6dc69b4
When the X-Amz-Credential parameter is URL-encoded and combined with sprintf() in the _get_random_header_data() function, this causes the fatal error. Not sure what we can do here. Boone, perhaps we can URL-decode these parameters during the get_uploaded_header_images() call?
It might be possible to hook into the 'clean_url' filter and then do a backtrace to see if the get_uploaded_header_images() call was used. If so, then we can URL-decode the header image URL?
Updated by Boone Gorges 5 months ago
- Category name set to S3 Uploads
- Status changed from New to Staged for Production Release
- Assignee set to Boone Gorges
- Target version set to 2.5.13
Wow, what a lousy problem.
Unfortunately, get_uploaded_header_images() doesn't have a filter; if it did, this would be a trivial fix.
Instead, I have to use a more general URL filter (I've chosen s3_uploads_presigned_url, which at least will only be run on signed URLs) and then use the backtrace to determine whether the URL is going to be used to build the random header images. Then I escape the '%' chars in the URL (as '%%') so that sprintf() doesn't choke on them. https://github.com/cuny-academic-commons/cac/commit/bfd0f513ee270aa5b842c9192edb277cfd0aa883
I tested this in production and it appears to solve the problem.
Updated by Boone Gorges 5 months ago
- Status changed from Staged for Production Release to Resolved