Commit Graph

19 Commits

Author SHA1 Message Date
Aaron Jorbin
0b35c4e2bf Prevent unintended behavior when certain objects are unserialized.
Props ehtis, xknown.

Built from https://develop.svn.wordpress.org/trunk@56835


git-svn-id: http://core.svn.wordpress.org/trunk@56347 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-10-12 12:34:33 +00:00
costdev
4920adb477 External Libraries: Update the Requests library to version 2.0.8.
This is a maintenance release with minor changes:
- Only force close cURL connection when needed (cURL < 7.22).

References:
- [https://github.com/WordPress/Requests/releases/tag/v2.0.8 Requests 2.0.8 release notes]
- [https://github.com/WordPress/Requests/compare/v2.0.6...v2.0.8 Full list of changes in Requests 2.0.8]

Follow-up to [54997], [55007], [55046], [55225], [55296], [55629].

Props jrf, mukesh27, spacedmonkey, costdev.
Fixes #59322.
Built from https://develop.svn.wordpress.org/trunk@56554


git-svn-id: http://core.svn.wordpress.org/trunk@56066 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-09-11 10:33:19 +00:00
Sergey Biryukov
94b55b2643 External Libraries: Update the Requests library to version 2.0.6.
This is a maintenance release with minor changes:
* Fix typo in deprecation notice.
* Minor internal improvements for passing the correct type to function calls.
* Confirmed compatibility with PHP 8.2. No changes were needed, so Requests 2.0.1 and higher can be considered compatible with PHP 8.2.
* Various documentation improvements and other general housekeeping.

References:
* [https://github.com/WordPress/Requests/releases/tag/v2.0.6 Requests 2.0.6 release notes]
* [https://github.com/WordPress/Requests/compare/v2.0.5...v2.0.6 Full list of changes in Requests 2.0.6]

Follow-up to [54997], [55007], [55046], [55225], [55296].

Props jrf, costdev.
Fixes #58079.
Built from https://develop.svn.wordpress.org/trunk@55629


git-svn-id: http://core.svn.wordpress.org/trunk@55141 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2023-04-05 13:12:26 +00:00
hellofromTonya
eff9f72714 HTTP API: Adds BC-layer /library/Requests.php file.
When the Requests 2.0.0 [7ef0774f0b/src/Autoload.php (L141-L143) autoloader detects the older (deprecated) `Requests` class], it attempts to load [https://github.com/WordPress/Requests/blob/v2.0.0/library/Requests.php its `/library/Requests.php` file]. Prior to this commit, this file did not exist in Core. Thus, a fatal error happened.

Why not change Requests Autoloader?
Requests is an external dependency that Core consumes. It is also used by other projects outside of Core. Thus, Core needs a fix to guard itself to prevent a fatal error.

The fix:
* Adds the missing `wp-includes/Requests/library/Requests.php` file, which then loads the `wp-includes/class-requests.php` (which will throw a deprecation notice to alert developers to upgrade).
* Adds a test.

Follow-up to [54997].

Props bjorsch, costdev, jrf, mukesh27, peterwilsoncc, ironprogrammer, hellofromTonya.
Fixes #57341.
Built from https://develop.svn.wordpress.org/trunk@55007


git-svn-id: http://core.svn.wordpress.org/trunk@54540 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-12-19 15:12:11 +00:00
hellofromTonya
645e753a51 External Libraries: Update Requests library to version 2.0.0.
This is a major release and contains breaking changes.

Most important changes to be aware of for this release:
* All code is now namespaced. Though there is a full backward compatibility layer available and the old class names are still supported, using them will generate a deprecation notice (which can be silenced by plugins if they'd need to support multiple WP versions). See the [https://requests.ryanmccue.info/docs/upgrading.html upgrade guide] for more details.
* A lot of classes have been marked `final`. This should generally not affect userland code as care has been taken to not apply the `final` keyword to classes which are known to be extended in userland code.
* Extensive input validation has been added to Requests. When Requests is used as documented though, this will be unnoticable.
* A new `WpOrg\Requests\Requests::has_capabilities()` method has been introduced which can be used to address #37708.
* A new `WpOrg\Requests\Response::decode_body()` method has been introduced which may be usable to simplify some of the WP native wrapper code.
* Remaining PHP 8.0 compatibility fixed (support for named parameters).
* PHP 8.1 compatibility.

Release notes: https://github.com/WordPress/Requests/releases/tag/v2.0.0

For a full list of changes in this update, see the Requests GitHub:
https://github.com/WordPress/Requests/compare/v1.8.1...v2.0.0

This commit also resolves 2 blocking issues which previously caused the revert of [52244]:

* New Requests files are loaded into `wp-includes/Requests/src/`, matching the location of the library. In doing so, filesystems that are case-insensitive are not impacted (see #54582).
* Preload: During a Core update, the old Requests files are preloaded into memory before the update deletes the files. Preloading avoids fatal errors noted in #54562. 

Follow-up to [50842], [51078], [52244], [52315], [52327], [52328].

Props jrf, schlessera, datagutten, wojsmol, dustinrue, soulseekah, szepeviktor. costdev, sergeybiryukov, peterwilsoncc, ironprogrammer, antonvlasenko, hellofromTonya, swissspidy, dd32, azaozz, TobiasBg, audrasjb.
Fixes #54504.
See #54582, #54562.
Built from https://develop.svn.wordpress.org/trunk@54997


git-svn-id: http://core.svn.wordpress.org/trunk@54530 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-12-15 21:32:17 +00:00
Sergey Biryukov
47c4ff7102 HTTP API: Revert changeset [52244].
Reverting Requests 2.0.0 changes and moving to WordPress 6.0 cycle. Why? The namespace and file case renaming revealed 2 issues in Core's upgrader process.

See https://core.trac.wordpress.org/ticket/54504#comment:22 for more information.

Follow-up to [52327].

See #54562, #54504.
Built from https://develop.svn.wordpress.org/trunk@52328


git-svn-id: http://core.svn.wordpress.org/trunk@51920 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-12-06 21:30:03 +00:00
Sergey Biryukov
95f823d933 External Libraries: Update the Requests library to version 2.0.0.
This is a major release and contains breaking changes.

Most important changes to be aware of for this release:
* All code is now namespaced. Though there is a full backward compatibility layer available and the old class names are still supported, using them will generate a deprecation notice (which can be silenced by plugins if they'd need to support multiple WP versions). See the [https://requests.ryanmccue.info/docs/upgrading.html upgrade guide] for more details.
* A lot of classes have been marked `final`. This should generally not affect userland code as care has been taken to not apply the `final` keyword to classes which are known to be extended in userland code.
* Extensive input validation has been added to Requests. When Requests is used as documented though, this will be unnoticable.
* A new `WpOrg\Requests\Requests::has_capabilities()` method has been introduced which can be used to address #37708.
* A new `WpOrg\Requests\Response::decode_body()` method has been introduced which may be usable to simplify some of the WP native wrapper code.
* Remaining PHP 8.0 compatibility fixed (support for named parameters).
* PHP 8.1 compatibility.

Release notes: https://github.com/WordPress/Requests/releases/tag/v2.0.0

For a full list of changes in this update, see the Requests GitHub:
https://github.com/WordPress/Requests/compare/v1.8.1...v2.0.0

Follow-up to [50842], [51078].

Props jrf, schlessera, datagutten, wojsmol, dd32, dustinrue, soulseekah, costdev, szepeviktor.
Fixes #54504.
Built from https://develop.svn.wordpress.org/trunk@52244


git-svn-id: http://core.svn.wordpress.org/trunk@51836 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-11-25 01:12:02 +00:00
desrosj
f221b3eb54 External Libraries: Update the Requests library to version 1.8.0.
While some of the changes in the `1.8.0` release have already been copied to WordPress Core in earlier releases (see [38727], [46258], [47902] and [49382]), this release contains additional improvements, including:

- A significant performance fix when using cURL.
- Improved compliance with RFC2616.

The library has also been moved under the WordPress project’s GitHub organization and can now be found at https://github.com/WordPress/Requests.

Props jrf, dd32, rmccue, justinahinon, netweb, schlessera, TimothyBJacobs, soulseekah, ozh, skithund, carlalexander, travisnorthcutt, desrosj.
Fixes #53101.
Built from https://develop.svn.wordpress.org/trunk@50842


git-svn-id: http://core.svn.wordpress.org/trunk@50451 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-05-11 19:42:02 +00:00
desrosj
cad4a1a3d7 External Libraries: Disable deserialization in Requests_Utility_FilteredIterator
Props xknown, peterwilsoncc, desrosj, dd32, whyisjake.
Merges [49373] to trunk.
Built from https://develop.svn.wordpress.org/trunk@49382


git-svn-id: http://core.svn.wordpress.org/trunk@49141 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-29 18:00:08 +00:00
desrosj
4b60af1a6a General: Remove “whitelist” and “blacklist” in favor of more clear and inclusive language.
“The WordPress open source community cares about diversity. We strive to maintain a welcoming environment where everyone can feel included.”

With this commit, all occurrences of “whitelist” and “blacklist” (with the single exception of the `$new_whitelist_options` global variable) are removed. A new ticket has been opened to explore renaming the `$new_whitelist_options` variable (#50434).

Changing to more specific names or rewording sentences containing these terms not only makes the code more inclusive, but also helps provide clarity. These terms are often ambiguous. What is being blocked or allowed is not always immediately clear. This can make it more difficult for non-native English speakers to read through the codebase.

Words matter. If one contributor feels more welcome because these terms are removed, this was worth the effort.

Props strangerstudios, jorbin, desrosj, joemcgill, timothyblynjacobs, ocean90, ayeshrajans, davidbaumwald, earnjam.
See #48900, #50434.
Fixes #50413.
Built from https://develop.svn.wordpress.org/trunk@48121


git-svn-id: http://core.svn.wordpress.org/trunk@47890 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-22 17:26:13 +00:00
Aaron Jorbin
0ea646a185 External Libraries: Fix PHP 7.4 compatibility issue in the Requests library.
Moves https://github.com/rmccue/Requests/pull/370 into WordPress.

Previous [46258].

See #47746.

Built from https://develop.svn.wordpress.org/trunk@46416


git-svn-id: http://core.svn.wordpress.org/trunk@46214 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-06 17:14:02 +00:00
desrosj
2d29e22e56 External Libraries: Fix PHP 7.4 compatibility issues in the Requests library.
See: https://github.com/rmccue/Requests/compare/v1.7.0...3470169

Props jrf, jorbin, desrosj.
See #47746.
Built from https://develop.svn.wordpress.org/trunk@46258


git-svn-id: http://core.svn.wordpress.org/trunk@46070 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-23 18:11:59 +00:00
Dion Hulse
d317fa487f HTTP: Update Requests to master (0048f3c) which fixes a number of outstanding issues.
Fixes #38070, #37733 by reverting part of [38429] and using the fix in Requests.
Fixes #37992 allowing for connecting to SSL resources on ports other than 443.
Fixes #37991 by not sending default ports in the `Host:` header.
Fixes #37839 to match and decode Chunked responses correctly.
Fixes #38232 allowing a SSL connection to ignore the hostname of the certificate when verification is disabled.

Built from https://develop.svn.wordpress.org/trunk@38727


git-svn-id: http://core.svn.wordpress.org/trunk@38670 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-05 03:24:37 +00:00
Dion Hulse
1dd3ed4bd5 Requests: Update to Requests master (fb5b517) which corrects a logic inversion in the cURL transport checks.
Previously if a host had only disabled one of `curl_init()` or `curl_exec()` it wouldn't get detected correctly by Requests, which caused cURL warnings for users on an affecte dhost.

Fixes #37700 for trunk.

Built from https://develop.svn.wordpress.org/trunk@38274


git-svn-id: http://core.svn.wordpress.org/trunk@38215 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-18 03:48:31 +00:00
Dion Hulse
2d860ae3d6 Requests: Merge handling for custom HTTP methods.
This merges the latest changes to Requests from upstream to add support for custom HTTP methods.
See 1b5ffd8501

Props Ipstenu, ocean90.
Fixes #37503 for trunk.

Built from https://develop.svn.wordpress.org/trunk@38191


git-svn-id: http://core.svn.wordpress.org/trunk@38132 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-08-04 07:14:31 +00:00
Ryan McCue
b8b7a00889 HTTP API: Update Requests.
This introduces a minimum value of 1 second for timeouts passed to cURL.

Internally, cURL uses alarm() for interrupts, which accepts a second-resolution timeout. Any values lower than 1 second are instantly failed rather than being rounded upwards. While this makes the experience worse for those using asynchronous DNS lookups, there's no way to detect which DNS resolver is being used from PHP.

See #33055, #8923.

Built from https://develop.svn.wordpress.org/trunk@37694


git-svn-id: http://core.svn.wordpress.org/trunk@37660 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-14 05:30:28 +00:00
Peter Wilson
47d26cd9fb DOCS: Replace HTTP links with HTTPS.
Replaces unsecure links in documentation and translator comments with their secure versions.

Props johnpgreen, netweb

Fixes #36993

Built from https://develop.svn.wordpress.org/trunk@37674


git-svn-id: http://core.svn.wordpress.org/trunk@37640 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-10 04:50:33 +00:00
Ryan McCue
1e40ba291e HTTP API: Fix compatibility with cURL <7.22
Ensure connections are closed after usage to fix an issue with WP.com URLs used in the tests.

Resynched from GitHub at 95518ce.

See #33055.

Built from https://develop.svn.wordpress.org/trunk@37430


git-svn-id: http://core.svn.wordpress.org/trunk@37396 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-13 11:15:29 +00:00
Ryan McCue
37f6e6813a HTTP API: Replace internals with Requests library.
Requests is a library very similar to WP_HTTP, with a high level of unit test coverage, and has a common lineage and development team. It also supports parallel requests.

See #33055.

Built from https://develop.svn.wordpress.org/trunk@37428


git-svn-id: http://core.svn.wordpress.org/trunk@37394 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-13 04:42:28 +00:00