From b1ed10ab9ac6d2842212d3d0753ac064c81c885a Mon Sep 17 00:00:00 2001
From: John Blackbourn <johnbillion@git.wordpress.org>
Date: Fri, 9 Feb 2018 18:11:30 +0000
Subject: [PATCH] HTTP API: Add the URL as a paramter to various HTTP related
 filters.

Props paulschreiber, purnendu

Fixes #42186

Built from https://develop.svn.wordpress.org/trunk@42682


git-svn-id: http://core.svn.wordpress.org/trunk@42510 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-includes/class-http.php             | 37 ++++++++++++++++----------
 wp-includes/class-wp-http-curl.php     |  4 +--
 wp-includes/class-wp-http-streams.php  |  8 +++---
 wp-includes/class-wp-xmlrpc-server.php |  2 +-
 wp-includes/version.php                |  2 +-
 5 files changed, 32 insertions(+), 21 deletions(-)

diff --git a/wp-includes/class-http.php b/wp-includes/class-http.php
index bead194a4a..5df29167f5 100644
--- a/wp-includes/class-http.php
+++ b/wp-includes/class-http.php
@@ -152,45 +152,52 @@ class WP_Http {
 			 * Filters the timeout value for an HTTP request.
 			 *
 			 * @since 2.7.0
+			 * @since 5.0.0 The `$url` parameter was added.
 			 *
-			 * @param int $timeout_value Time in seconds until a request times out.
-			 *                           Default 5.
+			 * @param int    $timeout_value Time in seconds until a request times out. Default 5.
+			 * @param string $url           The request URL.
 			 */
-			'timeout'             => apply_filters( 'http_request_timeout', 5 ),
+			'timeout'             => apply_filters( 'http_request_timeout', 5, $url ),
 			/**
 			 * Filters the number of redirects allowed during an HTTP request.
 			 *
 			 * @since 2.7.0
+			 * @since 5.0.0 The `$url` parameter was added.
 			 *
-			 * @param int $redirect_count Number of redirects allowed. Default 5.
+			 * @param int    $redirect_count Number of redirects allowed. Default 5.
+			 * @param string $url            The request URL.
 			 */
-			'redirection'         => apply_filters( 'http_request_redirection_count', 5 ),
+			'redirection'         => apply_filters( 'http_request_redirection_count', 5, $url ),
 			/**
 			 * Filters the version of the HTTP protocol used in a request.
 			 *
 			 * @since 2.7.0
+			 * @since 5.0.0 The `$url` parameter was added.
 			 *
-			 * @param string $version Version of HTTP used. Accepts '1.0' and '1.1'.
-			 *                        Default '1.0'.
+			 * @param string $version Version of HTTP used. Accepts '1.0' and '1.1'. Default '1.0'.
+			 * @param string $url     The request URL.
 			 */
-			'httpversion'         => apply_filters( 'http_request_version', '1.0' ),
+			'httpversion'         => apply_filters( 'http_request_version', '1.0', $url ),
 			/**
 			 * Filters the user agent value sent with an HTTP request.
 			 *
 			 * @since 2.7.0
+			 * @since 5.0.0 The `$url` parameter was added.
 			 *
 			 * @param string $user_agent WordPress user agent string.
+			 * @param string $url        The request URL.
 			 */
-			'user-agent'          => apply_filters( 'http_headers_useragent', 'WordPress/' . get_bloginfo( 'version' ) . '; ' . get_bloginfo( 'url' ) ),
+			'user-agent'          => apply_filters( 'http_headers_useragent', 'WordPress/' . get_bloginfo( 'version' ) . '; ' . get_bloginfo( 'url' ), $url ),
 			/**
 			 * Filters whether to pass URLs through wp_http_validate_url() in an HTTP request.
 			 *
 			 * @since 3.6.0
+			 * @since 5.0.0 The `$url` parameter was added.
 			 *
-			 * @param bool $pass_url Whether to pass URLs through wp_http_validate_url().
-			 *                       Default false.
+			 * @param bool   $pass_url Whether to pass URLs through wp_http_validate_url(). Default false.
+			 * @param string $url      The request URL.
 			 */
-			'reject_unsafe_urls'  => apply_filters( 'http_request_reject_unsafe_urls', false ),
+			'reject_unsafe_urls'  => apply_filters( 'http_request_reject_unsafe_urls', false, $url ),
 			'blocking'            => true,
 			'headers'             => array(),
 			'cookies'             => array(),
@@ -350,10 +357,12 @@ class WP_Http {
 		 * Filters whether SSL should be verified for non-local requests.
 		 *
 		 * @since 2.8.0
+		 * @since 5.0.0 The `$url` parameter was added.
 		 *
-		 * @param bool $ssl_verify Whether to verify the SSL connection. Default true.
+		 * @param bool   $ssl_verify Whether to verify the SSL connection. Default true.
+		 * @param string $url        The request URL.
 		 */
-		$options['verify'] = apply_filters( 'https_ssl_verify', $options['verify'] );
+		$options['verify'] = apply_filters( 'https_ssl_verify', $options['verify'], $url );
 
 		// Check for proxies.
 		$proxy = new WP_HTTP_Proxy();
diff --git a/wp-includes/class-wp-http-curl.php b/wp-includes/class-wp-http-curl.php
index 52b1459b51..66085bd18c 100644
--- a/wp-includes/class-wp-http-curl.php
+++ b/wp-includes/class-wp-http-curl.php
@@ -113,10 +113,10 @@ class WP_Http_Curl {
 		$ssl_verify = isset( $r['sslverify'] ) && $r['sslverify'];
 		if ( $is_local ) {
 			/** This filter is documented in wp-includes/class-wp-http-streams.php */
-			$ssl_verify = apply_filters( 'https_local_ssl_verify', $ssl_verify );
+			$ssl_verify = apply_filters( 'https_local_ssl_verify', $ssl_verify, $url );
 		} elseif ( ! $is_local ) {
 			/** This filter is documented in wp-includes/class-http.php */
-			$ssl_verify = apply_filters( 'https_ssl_verify', $ssl_verify );
+			$ssl_verify = apply_filters( 'https_ssl_verify', $ssl_verify, $url );
 		}
 
 		/*
diff --git a/wp-includes/class-wp-http-streams.php b/wp-includes/class-wp-http-streams.php
index c23aaf7f4b..562f471bb4 100644
--- a/wp-includes/class-wp-http-streams.php
+++ b/wp-includes/class-wp-http-streams.php
@@ -97,13 +97,15 @@ class WP_Http_Streams {
 			 * Filters whether SSL should be verified for local requests.
 			 *
 			 * @since 2.8.0
+			 * @since 5.0.0 The `$url` parameter was added.
 			 *
-			 * @param bool $ssl_verify Whether to verify the SSL connection. Default true.
+			 * @param bool   $ssl_verify Whether to verify the SSL connection. Default true.
+			 * @param string $url        The request URL.
 			 */
-			$ssl_verify = apply_filters( 'https_local_ssl_verify', $ssl_verify );
+			$ssl_verify = apply_filters( 'https_local_ssl_verify', $ssl_verify, $url );
 		} elseif ( ! $is_local ) {
 			/** This filter is documented in wp-includes/class-http.php */
-			$ssl_verify = apply_filters( 'https_ssl_verify', $ssl_verify );
+			$ssl_verify = apply_filters( 'https_ssl_verify', $ssl_verify, $url );
 		}
 
 		$proxy = new WP_HTTP_Proxy();
diff --git a/wp-includes/class-wp-xmlrpc-server.php b/wp-includes/class-wp-xmlrpc-server.php
index 3552ac1a95..019ba42567 100644
--- a/wp-includes/class-wp-xmlrpc-server.php
+++ b/wp-includes/class-wp-xmlrpc-server.php
@@ -6744,7 +6744,7 @@ class wp_xmlrpc_server extends IXR_Server {
 		$remote_ip = preg_replace( '/[^0-9a-fA-F:., ]/', '', $_SERVER['REMOTE_ADDR'] );
 
 		/** This filter is documented in wp-includes/class-http.php */
-		$user_agent = apply_filters( 'http_headers_useragent', 'WordPress/' . get_bloginfo( 'version' ) . '; ' . get_bloginfo( 'url' ) );
+		$user_agent = apply_filters( 'http_headers_useragent', 'WordPress/' . get_bloginfo( 'version' ) . '; ' . get_bloginfo( 'url' ), $url );
 
 		// Let's check the remote site
 		$http_api_args = array(
diff --git a/wp-includes/version.php b/wp-includes/version.php
index a46e70a55d..65b0d64fe5 100644
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@@ -4,7 +4,7 @@
  *
  * @global string $wp_version
  */
-$wp_version = '5.0-alpha-42681';
+$wp_version = '5.0-alpha-42682';
 
 /**
  * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.