diff --git a/wp-admin/includes/class-wp-press-this.php b/wp-admin/includes/class-wp-press-this.php index 9313f71f9c..e3307a81df 100644 --- a/wp-admin/includes/class-wp-press-this.php +++ b/wp-admin/includes/class-wp-press-this.php @@ -256,46 +256,46 @@ class WP_Press_This { * @return string Source's HTML sanitized markup */ public function fetch_source_html( $url ) { - // Download source page to tmp file. - $source_tmp_file = ( ! empty( $url ) ) ? download_url( $url, 30 ) : ''; - $source_content = ''; + global $wp_version; - if ( ! is_wp_error( $source_tmp_file ) && file_exists( $source_tmp_file ) ) { - - // Get the content of the source page from the tmp file.. - $source_content = wp_kses( - @file_get_contents( $source_tmp_file ), - array( - 'img' => array( - 'src' => array(), - 'width' => array(), - 'height' => array(), - ), - 'iframe' => array( - 'src' => array(), - ), - 'link' => array( - 'rel' => array(), - 'itemprop' => array(), - 'href' => array(), - ), - 'meta' => array( - 'property' => array(), - 'name' => array(), - 'content' => array(), - ) - ) - ); - - // All done with backward compatibility. Let's do some cleanup, for good measure :) - unlink( $source_tmp_file ); - - } else if ( is_wp_error( $source_tmp_file ) ) { - $source_content = new WP_Error( 'upload-error', sprintf( __( 'ERROR: %s' ), sprintf( __( 'Could not download the source URL (native error: %s).' ), $source_tmp_file->get_error_message() ) ) ); - } else if ( ! file_exists( $source_tmp_file ) ) { - $source_content = new WP_Error( 'no-local-file', sprintf( __( 'ERROR: %s' ), __( 'Could not save or locate the temporary download file for the source URL.' ) ) ); + if ( empty( $url ) ) { + return new WP_Error( 'invalid-url', __( 'A valid URL was not provided.' ) ); } + $remote_url = wp_safe_remote_get( $url, array( + 'timeout' => 30, + // Use an explicit user-agent for Press This + 'user-agent' => 'Press This (WordPress/' . $wp_version . '); ' . get_bloginfo( 'url' ) + ) ); + + if ( is_wp_error( $remote_url ) ) { + return $remote_url; + } + + $useful_html_elements = array( + 'img' => array( + 'src' => true, + 'width' => true, + 'height' => true, + ), + 'iframe' => array( + 'src' => true, + ), + 'link' => array( + 'rel' => true, + 'itemprop' => true, + 'href' => true, + ), + 'meta' => array( + 'property' => true, + 'name' => true, + 'content' => true, + ) + ); + + $source_content = wp_remote_retrieve_body( $remote_url ); + $source_content = wp_kses( $source_content, $useful_html_elements ); + return $source_content; } @@ -1167,24 +1167,6 @@ class WP_Press_This { return $content; } - /** - * Sets the user agent used for Press This HTTP requests. - * - * @since 4.3.0 - * @access public - * - * @global string $wp_version - * - * @return string User agent. - */ - public function ua_string() { - global $wp_version; - - $user_agent = 'Press This (WordPress/' . $wp_version . '); ' . get_bloginfo( 'url' ); - - return $user_agent; - } - /** * Serves the app's base HTML, which in turns calls the load script. * @@ -1198,9 +1180,6 @@ class WP_Press_This { public function html() { global $wp_locale, $wp_version; - // Set explicit user-agent for the $data outbound HTTP requests. - add_filter( 'http_headers_useragent', array( $this, 'ua_string' ) ); - // Get data, new (POST) and old (GET). $data = $this->merge_or_fetch_data(); diff --git a/wp-includes/version.php b/wp-includes/version.php index 27c6483b9d..3bad7925e4 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -4,7 +4,7 @@ * * @global string $wp_version */ -$wp_version = '4.3-beta1-33061'; +$wp_version = '4.3-beta1-33062'; /** * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.