Andrew Nacin
1ec392175c
Additional checks when evaluating the safety of an HTTP request, to avoid false negatives.
...
* Check if the host is considered a safe redirect host.
* Check if the host is another domain in a multisite installation.
* Add a filter to control this.
This only occurs when the DNS resolution of a domain points elsewhere in an internal network, but only internally (and has its own public IP outside the network). This could be considered a bad configuration.
fixes #24646 .
git-svn-id: http://core.svn.wordpress.org/trunk@24915 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-31 06:44:57 +00:00
Andrew Nacin
3fc038fd6f
Add missing documentation from [24894]. see #24646 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@24895 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-30 18:39:57 +00:00
Andrew Nacin
8c7adaa7bd
Introduce wp_safe_remote_request(). Also wp_safe_remote_head(), wp_safe_remote_get(), wp_safe_remote_post().
...
Reverts [24482].
see #24646 .
git-svn-id: http://core.svn.wordpress.org/trunk@24894 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-30 15:37:01 +00:00
Andrew Nacin
ca64e771da
In wp_http_validate_url(), only validate the protocol in lieu of esc_url_raw(). Ensure there is a host component to the URL. fixes #24663 .
...
git-svn-id: http://core.svn.wordpress.org/trunk@24641 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-07-10 13:35:30 +00:00
Andrew Nacin
96ee267343
Better validation of the URL used in core HTTP requests.
...
git-svn-id: http://core.svn.wordpress.org/trunk@24480 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-06-21 06:07:47 +00:00
Ryan Boren
4385abe40f
Add default args list to wp_remote_request|get|post|head docblocks
...
Props DrewAPicture
fixes #23838
git-svn-id: http://core.svn.wordpress.org/trunk@24250 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2013-05-14 14:00:19 +00:00
Ryan Boren
ff07308717
Handle pre-flighted OPTIONS requests in send_origin_headers(). Props nacin. fixes #21024
...
git-svn-id: http://core.svn.wordpress.org/trunk@21988 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-24 21:39:04 +00:00
Ryan Boren
f483a85676
Remove unnecessary return by refs. Props wonderboymusic. fixes #21839
...
git-svn-id: http://core.svn.wordpress.org/trunk@21792 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-09-10 17:00:11 +00:00
ryan
9c3ce86280
API for allowing cross origin resource sharing.
...
* Allowed origin whitelist that can be altered by plugins
* Validation of the request origin against the whitelist
* Send Access-Control-Allow-Origin if origin allowed
* get_http_origin(), get_allowed_http_origins(), is_allowed_http_origin(), send_origin_headers()
See #20681
git-svn-id: http://core.svn.wordpress.org/trunk@20794 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2012-05-15 18:46:03 +00:00
ryan
07ff8b216b
Use one space, not two, after trailing punctuation. fixes #19537
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@19593 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-12-13 23:45:31 +00:00
duck_
e4ed63fc6f
Fix typos in documentation (wp-includes/[a-h]). See #18560 .
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@18633 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-09-03 16:02:41 +00:00
westi
a851aaa167
Typo fix props duck_
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@17915 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-05-13 10:00:40 +00:00
westi
81cd0218ec
Introduce wp_http_supports as a much less hacky replacement for the http_transport_(get|post)_debug hooks that plugins could have
...
been using to detect if things like ssl requests were working.
See #17251 props mdawaffe
git-svn-id: http://svn.automattic.com/wordpress/trunk@17914 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2011-05-13 09:56:59 +00:00
ryan
1f93931d55
Always include class-http.php. see #12990
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@14079 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-04-13 21:45:57 +00:00
ryan
9ab7306993
Remove author tags. fixes #12366
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13377 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-24 19:07:21 +00:00
dd32
d271b1357b
Split WP_Http classes into separate file. Fixes #11559
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13274 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-21 02:06:24 +00:00
ryan
dbfb51c6e0
Trim trailing whites
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13268 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-21 00:03:42 +00:00
dd32
0c3a3e9be5
Disable Redirection on HEAD requests. See #10624
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@13149 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-02-14 10:41:07 +00:00
markjaquith
b42ea9c4ea
Update the inline documentation for HTTP to reflect the true order of HTTP transports
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12785 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-21 12:02:55 +00:00
dd32
45b2389358
Fix Typo in r12747, Move cURL Redirection check higher. See #11305
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12749 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-17 09:31:37 +00:00
dd32
5c739a4b9c
Allow WP_HTTP_Fopen to send extra headers and custom user-agents. See #11888
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12748 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-17 09:03:56 +00:00
dd32
b34906e9ec
Allow cURL to follow redirects when running under safe_mode or open_basedir. See #11305
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12747 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-17 08:15:52 +00:00
dd32
8c109d738b
Fix WP_Http_Streams to return a single set of headers in the event of redirections. Fixes #11555
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12746 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-17 08:05:58 +00:00
dd32
651925fe74
Bring WP_Http_Streams maximum redirection into line with the rest of the transports. Fixes #11557
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12745 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-17 08:00:41 +00:00
dd32
e85a09e8e9
Correctly set the body on Curl requests with an empty body. Add a defensive check to WP_Http_Encoding::decompress to prevent the decompression functions running on empty strings. Fixes #11912
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12739 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-16 23:11:28 +00:00
azaozz
36b2df4606
When decompressing try to raw-inflate first, props dd32, fixes #11600
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12642 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2010-01-07 10:26:33 +00:00
ryan
5f20b65114
Don't use CURLOPT_CONNECTTIMEOUT_MS or CURLOPT_TIMEOUT_MS due to bugginess. fixes #11505 see #11499
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12472 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-12-21 19:34:38 +00:00
ryan
28d836c672
Properly handle float timeouts for all transports. Props mdawaffe. fixes #11468
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12424 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-12-17 16:13:58 +00:00
ryan
fee3cd75a3
Remove unused variable. Props hakre. fixes #10765
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12367 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-12-10 22:55:06 +00:00
westi
e7941d795e
Ensure WP_DEBUG is always defined and simplify the checks on it. Fixes #11090 props nacin.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@12207 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-11-18 08:22:49 +00:00
azaozz
e73a081be7
Expose HTTP PUT when supported, props mdawaffe, fixes #10855
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11977 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-09-26 22:52:42 +00:00
ryan
dcf36249d2
Fix content length setup. Props jacobsantos. fixes #10783
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11937 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-09-15 15:57:49 +00:00
ryan
203de75d3d
Use null instead of 0 when setting content length. Props noel. fixes #10783
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11932 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-09-14 20:49:18 +00:00
ryan
8e3808bce2
Remove trailing whitespace
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11930 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-09-14 14:03:32 +00:00
azaozz
5276c457f4
Don use has_action() before do_action() in http.php, props Viper007Bond, fixes #10625
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11835 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-08-16 22:43:48 +00:00
markjaquith
aa6bbb479c
Force IPv4 (127.0.0.1) when connecting to localhost, as many dev environments are not set up to serve on IPv6 (::1). props dd32. fixes #10045
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11759 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-07-31 09:40:16 +00:00
markjaquith
8bd3d6cab9
add some filters so that HTTP requests can be filtered. props johnbillion. fixes #10413
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11758 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-07-31 09:37:45 +00:00
ryan
684d12ae53
Better compression compat. Props dd32. see #10163
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11684 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-07-02 23:18:27 +00:00
azaozz
fe384afb00
Add missing localization in WP_HTTP, props Denis-de-Bernardy, fixes #10231 for trunk
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11653 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-06-26 14:41:12 +00:00
ryan
00c27d7e17
Revert [11524]. curl has its problems, but so does everything else. see #9998 fixes #10104 for trunk
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11630 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-06-23 19:18:27 +00:00
azaozz
782b2624e3
Preferred transport: move curl to last position and fockopen to 2nd position due to higher compatibility, props DD32, fixes #9998
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11524 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-06-06 06:51:35 +00:00
ryan
2df887bd07
Trim tailing whitespace
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11450 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-05-24 23:47:49 +00:00
ryan
2dab570b8b
Fix bad call to str_replace. see #9395
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11355 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-05-16 04:46:31 +00:00
ryan
e0763aa711
Support headers split over multiple lines. Props hakre, Denis-de-Bernardy, wnorris. fixes #9395
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11351 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-05-16 02:17:55 +00:00
ryan
649fd36f57
Add function_exists check for gzdecode. see #9761
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11271 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-05-11 19:34:24 +00:00
westi
b8bc0b796a
Minor tidy up from merge of changes to BackPress.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11237 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-05-07 21:49:10 +00:00
westi
79c7fb33fa
Pass just the headers array to should_decode. Fixes #9754 props willnorris.
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11236 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-05-07 21:18:20 +00:00
ryan
31e805261c
Send valid host when using WP_Http_Fsockopen over SSL. Props mdawaffe. fixes #9699
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11154 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-05-01 23:53:38 +00:00
ryan
36eee06eb3
Use _http_build_query() if PHP version < 5.1.2. Props hakre. fixes #9044
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11143 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-04-30 21:51:16 +00:00
ryan
f2f9eafc26
phpdoc udpates and error checks for http. Props DD32. fixes #8620
...
git-svn-id: http://svn.automattic.com/wordpress/trunk@11091 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-04-26 23:54:59 +00:00