Feeds: Don't attempt to generate RSS feeds for invalid feed URLs such as wp-content/feed.

Props stevenkword, JRGould, lyubomir_popov, johnbillion
Fixes #30210

Built from https://develop.svn.wordpress.org/trunk@38929


git-svn-id: http://core.svn.wordpress.org/trunk@38872 1a063a9b-81f0-0310-95a4-ce76da25c4cd

wp-includes/functions.php

@@ -1213,6 +1213,18 @@ function bool_from_yn( $yn ) {
 function do_feed() {
 	global $wp_query;
 
+	// Determine if we are looking at the main comment feed
+	$is_main_comments_feed = ( $wp_query->is_comment_feed() && ! $wp_query->is_singular() );
+
+	/*
+	 * Check the queried object for the existence of posts if it is not a feed for an archive,
+	 * search result, or main comments. By checking for the absense of posts we can prevent rendering the feed
+	 * templates at invalid endpoints. e.g.) /wp-content/plugins/feed/
+	 */
+	if ( ! $wp_query->have_posts() && ! ( $wp_query->is_archive() || $wp_query->is_search() || $is_main_comments_feed ) ) {
+		wp_die( __( 'ERROR: This is not a valid feed.' ), '', array( 'response' => 404 ) );
+	}
+
 	$feed = get_query_var( 'feed' );
 
 	// Remove the pad, if present.

wp-includes/version.php

@@ -4,7 +4,7 @@
  *
  * @global string $wp_version
  */
-$wp_version = '4.7-alpha-38928';
+$wp_version = '4.7-alpha-38929';
 
 /**
  * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.