/**
* @dataProvider make_absolute_url_testcases
*/
function test_make_absolute_url($relative_url, $absolute_url, $expected)
{
if (!is_callable(array('WP_HTTP', 'make_absolute_url'))) {
$this->markTestSkipped("This version of WP_HTTP doesn't support WP_HTTP::make_absolute_url()");
return;
}
$actual = WP_HTTP::make_absolute_url($relative_url, $absolute_url);
$this->assertEquals($expected, $actual);
}
/**
* Send a HTTP request to a URI using cURL extension.
*
* @access public
* @since 2.7.0
*
* @param string $url The request URL.
* @param string|array $args Optional. Override the defaults.
* @return array|WP_Error Array containing 'headers', 'body', 'response', 'cookies', 'filename'. A WP_Error instance upon error
*/
public function request($url, $args = array())
{
$defaults = array('method' => 'GET', 'timeout' => 5, 'redirection' => 5, 'httpversion' => '1.0', 'blocking' => true, 'headers' => array(), 'body' => null, 'cookies' => array());
$r = wp_parse_args($args, $defaults);
if (isset($r['headers']['User-Agent'])) {
$r['user-agent'] = $r['headers']['User-Agent'];
unset($r['headers']['User-Agent']);
} elseif (isset($r['headers']['user-agent'])) {
$r['user-agent'] = $r['headers']['user-agent'];
unset($r['headers']['user-agent']);
}
// Construct Cookie: header if any cookies are set.
WP_Http::buildCookieHeader($r);
$handle = curl_init();
// cURL offers really easy proxy support.
$proxy = new WP_HTTP_Proxy();
if ($proxy->is_enabled() && $proxy->send_through_proxy($url)) {
curl_setopt($handle, CURLOPT_PROXYTYPE, CURLPROXY_HTTP);
curl_setopt($handle, CURLOPT_PROXY, $proxy->host());
curl_setopt($handle, CURLOPT_PROXYPORT, $proxy->port());
if ($proxy->use_authentication()) {
curl_setopt($handle, CURLOPT_PROXYAUTH, CURLAUTH_ANY);
curl_setopt($handle, CURLOPT_PROXYUSERPWD, $proxy->authentication());
}
}
$is_local = isset($r['local']) && $r['local'];
$ssl_verify = isset($r['sslverify']) && $r['sslverify'];
if ($is_local) {
/** This filter is documented in wp-includes/class-http.php */
$ssl_verify = apply_filters('https_local_ssl_verify', $ssl_verify);
} elseif (!$is_local) {
/** This filter is documented in wp-includes/class-http.php */
$ssl_verify = apply_filters('https_ssl_verify', $ssl_verify);
}
/*
* CURLOPT_TIMEOUT and CURLOPT_CONNECTTIMEOUT expect integers. Have to use ceil since.
* a value of 0 will allow an unlimited timeout.
*/
$timeout = (int) ceil($r['timeout']);
curl_setopt($handle, CURLOPT_CONNECTTIMEOUT, $timeout);
curl_setopt($handle, CURLOPT_TIMEOUT, $timeout);
curl_setopt($handle, CURLOPT_URL, $url);
curl_setopt($handle, CURLOPT_RETURNTRANSFER, true);
curl_setopt($handle, CURLOPT_SSL_VERIFYHOST, $ssl_verify === true ? 2 : false);
curl_setopt($handle, CURLOPT_SSL_VERIFYPEER, $ssl_verify);
curl_setopt($handle, CURLOPT_CAINFO, $r['sslcertificates']);
curl_setopt($handle, CURLOPT_USERAGENT, $r['user-agent']);
/*
* The option doesn't work with safe mode or when open_basedir is set, and there's
* a bug #17490 with redirected POST requests, so handle redirections outside Curl.
*/
curl_setopt($handle, CURLOPT_FOLLOWLOCATION, false);
if (defined('CURLOPT_PROTOCOLS')) {
// PHP 5.2.10 / cURL 7.19.4
curl_setopt($handle, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
}
switch ($r['method']) {
case 'HEAD':
curl_setopt($handle, CURLOPT_NOBODY, true);
break;
case 'POST':
curl_setopt($handle, CURLOPT_POST, true);
curl_setopt($handle, CURLOPT_POSTFIELDS, $r['body']);
break;
case 'PUT':
curl_setopt($handle, CURLOPT_CUSTOMREQUEST, 'PUT');
curl_setopt($handle, CURLOPT_POSTFIELDS, $r['body']);
break;
default:
curl_setopt($handle, CURLOPT_CUSTOMREQUEST, $r['method']);
if (!is_null($r['body'])) {
curl_setopt($handle, CURLOPT_POSTFIELDS, $r['body']);
}
break;
}
if (true === $r['blocking']) {
curl_setopt($handle, CURLOPT_HEADERFUNCTION, array($this, 'stream_headers'));
curl_setopt($handle, CURLOPT_WRITEFUNCTION, array($this, 'stream_body'));
}
curl_setopt($handle, CURLOPT_HEADER, false);
if (isset($r['limit_response_size'])) {
$this->max_body_length = intval($r['limit_response_size']);
} else {
$this->max_body_length = false;
}
// If streaming to a file open a file handle, and setup our curl streaming handler.
if ($r['stream']) {
if (!WP_DEBUG) {
$this->stream_handle = @fopen($r['filename'], 'w+');
} else {
$this->stream_handle = fopen($r['filename'], 'w+');
}
if (!$this->stream_handle) {
return new WP_Error('http_request_failed', sprintf(__('Could not open handle for fopen() to %s'), $r['filename']));
}
} else {
$this->stream_handle = false;
}
if (!empty($r['headers'])) {
// cURL expects full header strings in each element.
$headers = array();
foreach ($r['headers'] as $name => $value) {
$headers[] = "{$name}: {$value}";
}
curl_setopt($handle, CURLOPT_HTTPHEADER, $headers);
}
if ($r['httpversion'] == '1.0') {
curl_setopt($handle, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0);
} else {
curl_setopt($handle, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
}
/**
* Fires before the cURL request is executed.
*
* Cookies are not currently handled by the HTTP API. This action allows
* plugins to handle cookies themselves.
*
* @since 2.8.0
*
* @param resource &$handle The cURL handle returned by curl_init().
* @param array $r The HTTP request arguments.
* @param string $url The request URL.
*/
do_action_ref_array('http_api_curl', array(&$handle, $r, $url));
// We don't need to return the body, so don't. Just execute request and return.
if (!$r['blocking']) {
curl_exec($handle);
if ($curl_error = curl_error($handle)) {
curl_close($handle);
return new WP_Error('http_request_failed', $curl_error);
}
if (in_array(curl_getinfo($handle, CURLINFO_HTTP_CODE), array(301, 302))) {
curl_close($handle);
return new WP_Error('http_request_failed', __('Too many redirects.'));
}
curl_close($handle);
return array('headers' => array(), 'body' => '', 'response' => array('code' => false, 'message' => false), 'cookies' => array());
}
curl_exec($handle);
$theHeaders = WP_Http::processHeaders($this->headers, $url);
$theBody = $this->body;
$bytes_written_total = $this->bytes_written_total;
$this->headers = '';
$this->body = '';
$this->bytes_written_total = 0;
$curl_error = curl_errno($handle);
// If an error occurred, or, no response.
if ($curl_error || 0 == strlen($theBody) && empty($theHeaders['headers'])) {
if (CURLE_WRITE_ERROR == $curl_error) {
if (!$this->max_body_length || $this->max_body_length != $bytes_written_total) {
if ($r['stream']) {
curl_close($handle);
fclose($this->stream_handle);
return new WP_Error('http_request_failed', __('Failed to write request to temporary file.'));
} else {
curl_close($handle);
return new WP_Error('http_request_failed', curl_error($handle));
}
}
} else {
if ($curl_error = curl_error($handle)) {
curl_close($handle);
return new WP_Error('http_request_failed', $curl_error);
}
}
if (in_array(curl_getinfo($handle, CURLINFO_HTTP_CODE), array(301, 302))) {
curl_close($handle);
return new WP_Error('http_request_failed', __('Too many redirects.'));
}
}
curl_close($handle);
if ($r['stream']) {
fclose($this->stream_handle);
}
$response = array('headers' => $theHeaders['headers'], 'body' => null, 'response' => $theHeaders['response'], 'cookies' => $theHeaders['cookies'], 'filename' => $r['filename']);
// Handle redirects.
if (false !== ($redirect_response = WP_HTTP::handle_redirects($url, $r, $response))) {
return $redirect_response;
}
if (true === $r['decompress'] && true === WP_Http_Encoding::should_decode($theHeaders['headers'])) {
$theBody = WP_Http_Encoding::decompress($theBody);
}
$response['body'] = $theBody;
return $response;
}
/**
* Callback to add a base url to relative links in passed content.
*
* @since 2.7.0
* @access private
*
* @global string $_links_add_base
*
* @param string $m The matched link.
* @return string The processed link.
*/
function _links_add_base($m)
{
global $_links_add_base;
//1 = attribute name 2 = quotation mark 3 = URL
return $m[1] . '=' . $m[2] . (preg_match('#^(\\w{1,20}):#', $m[3], $protocol) && in_array($protocol[1], wp_allowed_protocols()) ? $m[3] : WP_HTTP::make_absolute_url($m[3], $_links_add_base)) . $m[2];
}
public static function parse_url($url)
{
return parent::parse_url($url);
}
/**
* Send a HTTP request to a URI using cURL extension.
*
* @access public
* @since 2.7.0
*
* @param string $url
* @param str|array $args Optional. Override the defaults.
* @return array 'headers', 'body', 'response', 'cookies' and 'filename' keys.
*/
function request($url, $args = array())
{
$defaults = array('method' => 'GET', 'timeout' => 5, 'redirection' => 5, 'httpversion' => '1.0', 'blocking' => true, 'headers' => array(), 'body' => null, 'cookies' => array());
$r = wp_parse_args($args, $defaults);
if (isset($r['headers']['User-Agent'])) {
$r['user-agent'] = $r['headers']['User-Agent'];
unset($r['headers']['User-Agent']);
} else {
if (isset($r['headers']['user-agent'])) {
$r['user-agent'] = $r['headers']['user-agent'];
unset($r['headers']['user-agent']);
}
}
// Construct Cookie: header if any cookies are set.
WP_Http::buildCookieHeader($r);
$handle = curl_init();
// cURL offers really easy proxy support.
$proxy = new WP_HTTP_Proxy();
if ($proxy->is_enabled() && $proxy->send_through_proxy($url)) {
curl_setopt($handle, CURLOPT_PROXYTYPE, CURLPROXY_HTTP);
curl_setopt($handle, CURLOPT_PROXY, $proxy->host());
curl_setopt($handle, CURLOPT_PROXYPORT, $proxy->port());
if ($proxy->use_authentication()) {
curl_setopt($handle, CURLOPT_PROXYAUTH, CURLAUTH_ANY);
curl_setopt($handle, CURLOPT_PROXYUSERPWD, $proxy->authentication());
}
}
$is_local = isset($r['local']) && $r['local'];
$ssl_verify = isset($r['sslverify']) && $r['sslverify'];
if ($is_local) {
$ssl_verify = apply_filters('https_local_ssl_verify', $ssl_verify);
} elseif (!$is_local) {
$ssl_verify = apply_filters('https_ssl_verify', $ssl_verify);
}
// CURLOPT_TIMEOUT and CURLOPT_CONNECTTIMEOUT expect integers. Have to use ceil since
// a value of 0 will allow an unlimited timeout.
$timeout = (int) ceil($r['timeout']);
curl_setopt($handle, CURLOPT_CONNECTTIMEOUT, $timeout);
curl_setopt($handle, CURLOPT_TIMEOUT, $timeout);
curl_setopt($handle, CURLOPT_URL, $url);
curl_setopt($handle, CURLOPT_RETURNTRANSFER, true);
curl_setopt($handle, CURLOPT_SSL_VERIFYHOST, $ssl_verify === true ? 2 : false);
curl_setopt($handle, CURLOPT_SSL_VERIFYPEER, $ssl_verify);
curl_setopt($handle, CURLOPT_USERAGENT, $r['user-agent']);
// The option doesn't work with safe mode or when open_basedir is set, and there's a
// bug #17490 with redirected POST requests, so handle redirections outside Curl.
curl_setopt($handle, CURLOPT_FOLLOWLOCATION, false);
switch ($r['method']) {
case 'HEAD':
curl_setopt($handle, CURLOPT_NOBODY, true);
break;
case 'POST':
curl_setopt($handle, CURLOPT_POST, true);
curl_setopt($handle, CURLOPT_POSTFIELDS, $r['body']);
break;
case 'PUT':
curl_setopt($handle, CURLOPT_CUSTOMREQUEST, 'PUT');
curl_setopt($handle, CURLOPT_POSTFIELDS, $r['body']);
break;
default:
curl_setopt($handle, CURLOPT_CUSTOMREQUEST, $r['method']);
if (!is_null($r['body'])) {
curl_setopt($handle, CURLOPT_POSTFIELDS, $r['body']);
}
break;
}
if (true === $r['blocking']) {
curl_setopt($handle, CURLOPT_HEADERFUNCTION, array($this, 'stream_headers'));
curl_setopt($handle, CURLOPT_WRITEFUNCTION, array($this, 'stream_body'));
}
curl_setopt($handle, CURLOPT_HEADER, false);
if (isset($r['limit-response-size'])) {
$this->max_body_length = intval($r['limit-response-size']);
} else {
$this->max_body_length = false;
}
// If streaming to a file open a file handle, and setup our curl streaming handler
if ($r['stream']) {
if (!WP_DEBUG) {
$this->stream_handle = @fopen($r['filename'], 'w+');
} else {
$this->stream_handle = fopen($r['filename'], 'w+');
}
if (!$this->stream_handle) {
return new WP_Error('http_request_failed', sprintf(__('Could not open handle for fopen() to %s'), $r['filename']));
}
} else {
$this->stream_handle = false;
}
if (!empty($r['headers'])) {
// cURL expects full header strings in each element
$headers = array();
foreach ($r['headers'] as $name => $value) {
$headers[] = "{$name}: {$value}";
}
curl_setopt($handle, CURLOPT_HTTPHEADER, $headers);
}
if ($r['httpversion'] == '1.0') {
curl_setopt($handle, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0);
} else {
curl_setopt($handle, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
}
// Cookies are not handled by the HTTP API currently. Allow for plugin authors to handle it
// themselves... Although, it is somewhat pointless without some reference.
do_action_ref_array('http_api_curl', array(&$handle));
// We don't need to return the body, so don't. Just execute request and return.
if (!$r['blocking']) {
curl_exec($handle);
if ($curl_error = curl_error($handle)) {
curl_close($handle);
return new WP_Error('http_request_failed', $curl_error);
}
if (in_array(curl_getinfo($handle, CURLINFO_HTTP_CODE), array(301, 302))) {
curl_close($handle);
return new WP_Error('http_request_failed', __('Too many redirects.'));
}
curl_close($handle);
return array('headers' => array(), 'body' => '', 'response' => array('code' => false, 'message' => false), 'cookies' => array());
}
$theResponse = curl_exec($handle);
$theHeaders = WP_Http::processHeaders($this->headers);
$theBody = $this->body;
$this->headers = '';
$this->body = '';
// If no response
if (0 == strlen($theBody) && empty($theHeaders['headers'])) {
if ($curl_error = curl_error($handle)) {
curl_close($handle);
return new WP_Error('http_request_failed', $curl_error);
}
if (in_array(curl_getinfo($handle, CURLINFO_HTTP_CODE), array(301, 302))) {
curl_close($handle);
return new WP_Error('http_request_failed', __('Too many redirects.'));
}
}
$response = array();
$response['code'] = curl_getinfo($handle, CURLINFO_HTTP_CODE);
$response['message'] = get_status_header_desc($response['code']);
curl_close($handle);
if ($r['stream']) {
fclose($this->stream_handle);
}
// See #11305 - When running under safe mode, redirection is disabled above. Handle it manually.
if (!empty($theHeaders['headers']['location']) && 0 !== $r['_redirection']) {
// _redirection: The requested number of redirections
if ($r['redirection']-- > 0) {
return wp_remote_request(WP_HTTP::make_absolute_url($theHeaders['headers']['location'], $url), $r);
} else {
return new WP_Error('http_request_failed', __('Too many redirects.'));
}
}
if (true === $r['decompress'] && true === WP_Http_Encoding::should_decode($theHeaders['headers'])) {
$theBody = WP_Http_Encoding::decompress($theBody);
}
return array('headers' => $theHeaders['headers'], 'body' => $theBody, 'response' => $response, 'cookies' => $theHeaders['cookies'], 'filename' => $r['filename']);
}
/**
* Process links in content
* @global obj $wpdb DB instance
* @global obj $post Current post
* @param string $content Text containing links
* @param string (optional) $group Group to add links to (Default: none)
* @return string Content with processed links
*/
protected function process_links($content, $group = null)
{
// Extract links
$links = $this->get_links($content, true);
// Do not process content without links
if (empty($links)) {
return $content;
}
// Process links
static $protocol = array('http://', 'https://');
static $qv_att = 'attachment_id';
static $uri_origin = null;
if (!is_array($uri_origin)) {
$uri_parts = array_fill_keys(array('scheme', 'host', 'path'), '');
$uri_origin = wp_parse_args(parse_url(strtolower(home_url())), $uri_parts);
}
static $uri_proto = null;
if (empty($uri_proto)) {
$uri_proto = (object) array('raw' => '', 'source' => '', 'parts' => '');
}
$uri_parts_required = array('host' => '');
// Setup group properties
$g_props = (object) array('enabled' => $this->options->get_bool('group_links'), 'attr' => 'group', 'base' => '', 'legacy_prefix' => 'lightbox[', 'legacy_suffix' => ']');
if ($g_props->enabled) {
$g_props->base = is_scalar($group) ? trim(strval($group)) : '';
}
// Initialize content handlers
if (!$this->handlers instanceof SLB_Content_Handlers) {
$this->handlers = new SLB_Content_Handlers($this);
}
// Iterate through and activate supported links
foreach ($links as $link) {
// Init vars
$pid = 0;
$link_new = $link;
$uri = clone $uri_proto;
$type = false;
$props_extra = array();
$key = null;
$internal = false;
// Parse link attributes
$attrs = $this->util->parse_attribute_string($link_new, array('href' => ''));
// Get URI
$uri->raw = $attrs['href'];
// Stop processing invalid links
if (!$this->validate_uri($uri->raw) || $this->has_attribute($attrs, 'active', false)) {
continue;
}
// Normalize URI (make absolute)
$uri->source = WP_HTTP::make_absolute_url($uri->raw, $uri_origin['scheme'] . '://' . $uri_origin['host']);
// URI cached?
$key = $this->get_media_item_id($uri->source);
// Internal URI? (e.g. attachments)
if (!$key) {
$uri->parts = array_merge($uri_parts_required, (array) parse_url($uri->source));
$internal = $uri->parts['host'] === $uri_origin['host'] ? true : false;
// Attachment?
if ($internal && is_local_attachment($uri->source)) {
$pid = url_to_postid($uri->source);
$src = wp_get_attachment_url($pid);
if (!!$src) {
$uri->source = $src;
$props_extra['id'] = $pid;
// Check cache for attachment source URI
$key = $this->get_media_item_id($uri->source);
}
unset($src);
}
}
// Determine content type
if (!$key) {
// Get handler match
$hdl_result = $this->handlers->match($uri->source);
if (!!$hdl_result->handler) {
$type = $hdl_result->handler->get_id();
$props_extra = $hdl_result->props;
// Updated source URI
if (isset($props_extra['uri'])) {
$uri->source = $props_extra['uri'];
unset($props_extra['uri']);
}
}
// Cache valid item
if (!!$type) {
$key = $this->cache_media_item($uri, $type, $internal, $props_extra);
}
}
// Stop processing invalid links
if (!$key) {
// Cache invalid URI
$this->validated_uris[$uri->source] = false;
if ($uri->raw !== $uri->source) {
$this->validated_uris[$uri->raw] = false;
}
continue;
}
// Activate link
$this->set_attribute($attrs, 'active');
$this->set_attribute($attrs, 'asset', $key);
// Mark internal links
if ($internal) {
$this->set_attribute($attrs, 'internal', $pid);
}
// Set group (if enabled)
if ($g_props->enabled) {
$group = array();
// Get preset group attribute
$g = $this->has_attribute($attrs, $g_props->attr) ? $this->get_attribute($attrs, $g_props->attr) : '';
if (is_string($g) && ($g = trim($g)) && !empty($g)) {
$group[] = $g;
} elseif (!empty($g_props->base)) {
$group[] = $g_props->base;
}
$group = $this->util->apply_filters('get_group_id', $group);
// Default group
if (empty($group) || !is_array($group)) {
$group = $this->get_prefix();
} else {
$group = implode('_', $group);
}
// Set group attribute
$this->set_attribute($attrs, $g_props->attr, $group);
unset($g);
}
// Filter attributes
$attrs = $this->util->apply_filters('process_link_attributes', $attrs);
// Update link in content
$link_new = '<a ' . $this->util->build_attribute_string($attrs) . '>';
$content = str_replace($link, $link_new, $content);
}
// Handle widget content
if (!!$this->widget_processing && 'the_content' == current_filter()) {
$content = $this->exclude_wrap($content);
}
return $content;
}
/**
* Verifies the received SSL certificate against it's Common Names and subjectAltName fields
*
* PHP's SSL verifications only verify that it's a valid Certificate, it doesn't verify if
* the certificate is valid for the hostname which was requested.
* This function verifies the requested hostname against certificate's subjectAltName field,
* if that is empty, or contains no DNS entries, a fallback to the Common Name field is used.
*
* IP Address support is included if the request is being made to an IP address.
*
* @since 3.7.0
* @static
*
* @param stream $stream The PHP Stream which the SSL request is being made over
* @param string $host The hostname being requested
* @return bool If the cerficiate presented in $stream is valid for $host
*/
public static function verify_ssl_certificate($stream, $host)
{
$context_options = stream_context_get_options($stream);
if (empty($context_options['ssl']['peer_certificate'])) {
return false;
}
$cert = openssl_x509_parse($context_options['ssl']['peer_certificate']);
if (!$cert) {
return false;
}
/*
* If the request is being made to an IP address, we'll validate against IP fields
* in the cert (if they exist)
*/
$host_type = WP_HTTP::is_ip_address($host) ? 'ip' : 'dns';
$certificate_hostnames = array();
if (!empty($cert['extensions']['subjectAltName'])) {
$match_against = preg_split('/,\\s*/', $cert['extensions']['subjectAltName']);
foreach ($match_against as $match) {
list($match_type, $match_host) = explode(':', $match);
if ($host_type == strtolower(trim($match_type))) {
// IP: or DNS:
$certificate_hostnames[] = strtolower(trim($match_host));
}
}
} elseif (!empty($cert['subject']['CN'])) {
// Only use the CN when the certificate includes no subjectAltName extension.
$certificate_hostnames[] = strtolower($cert['subject']['CN']);
}
// Exact hostname/IP matches.
if (in_array(strtolower($host), $certificate_hostnames)) {
return true;
}
// IP's can't be wildcards, Stop processing.
if ('ip' == $host_type) {
return false;
}
// Test to see if the domain is at least 2 deep for wildcard support.
if (substr_count($host, '.') < 2) {
return false;
}
// Wildcard subdomains certs (*.example.com) are valid for a.example.com but not a.b.example.com.
$wildcard_host = preg_replace('/^[^.]+\\./', '*.', $host);
return in_array(strtolower($wildcard_host), $certificate_hostnames);
}
/**
* Send a HTTP request to a URI using HTTP extension.
*
* Does not support non-blocking.
*
* @access public
* @since 2.7
*
* @param string $url
* @param str|array $args Optional. Override the defaults.
* @return array 'headers', 'body', 'cookies' and 'response' keys.
*/
function request($url, $args = array())
{
$defaults = array('method' => 'GET', 'timeout' => 5, 'redirection' => 5, 'httpversion' => '1.0', 'blocking' => true, 'headers' => array(), 'body' => null, 'cookies' => array());
$r = wp_parse_args($args, $defaults);
if (isset($r['headers']['User-Agent'])) {
$r['user-agent'] = $r['headers']['User-Agent'];
unset($r['headers']['User-Agent']);
} else {
if (isset($r['headers']['user-agent'])) {
$r['user-agent'] = $r['headers']['user-agent'];
unset($r['headers']['user-agent']);
}
}
// Construct Cookie: header if any cookies are set
WP_Http::buildCookieHeader($r);
switch ($r['method']) {
case 'POST':
$r['method'] = HTTP_METH_POST;
break;
case 'HEAD':
$r['method'] = HTTP_METH_HEAD;
break;
case 'PUT':
$r['method'] = HTTP_METH_PUT;
break;
case 'GET':
default:
$r['method'] = HTTP_METH_GET;
}
$arrURL = parse_url($url);
if ('http' != $arrURL['scheme'] || 'https' != $arrURL['scheme']) {
$url = preg_replace('|^' . preg_quote($arrURL['scheme'], '|') . '|', 'http', $url);
}
$is_local = isset($args['local']) && $args['local'];
$ssl_verify = isset($args['sslverify']) && $args['sslverify'];
if ($is_local) {
$ssl_verify = apply_filters('https_local_ssl_verify', $ssl_verify);
} elseif (!$is_local) {
$ssl_verify = apply_filters('https_ssl_verify', $ssl_verify);
}
$r['timeout'] = (int) ceil($r['timeout']);
$options = array('timeout' => $r['timeout'], 'connecttimeout' => $r['timeout'], 'redirect' => $r['redirection'], 'useragent' => $r['user-agent'], 'headers' => $r['headers'], 'ssl' => array('verifypeer' => $ssl_verify, 'verifyhost' => $ssl_verify));
if (HTTP_METH_HEAD == $r['method']) {
$options['redirect'] = 0;
}
// Assumption: Docs seem to suggest that this means do not follow. Untested.
// The HTTP extensions offers really easy proxy support.
$proxy = new WP_HTTP_Proxy();
if ($proxy->is_enabled() && $proxy->send_through_proxy($url)) {
$options['proxyhost'] = $proxy->host();
$options['proxyport'] = $proxy->port();
$options['proxytype'] = HTTP_PROXY_HTTP;
if ($proxy->use_authentication()) {
$options['proxyauth'] = $proxy->authentication();
$options['proxyauthtype'] = HTTP_AUTH_ANY;
}
}
if (!WP_DEBUG) {
//Emits warning level notices for max redirects and timeouts
$strResponse = @http_request($r['method'], $url, $r['body'], $options, $info);
} else {
$strResponse = http_request($r['method'], $url, $r['body'], $options, $info);
}
//Emits warning level notices for max redirects and timeouts
// Error may still be set, Response may return headers or partial document, and error
// contains a reason the request was aborted, eg, timeout expired or max-redirects reached.
if (false === $strResponse || !empty($info['error'])) {
return new WP_Error('http_request_failed', $info['response_code'] . ': ' . $info['error']);
}
if (!$r['blocking']) {
return array('headers' => array(), 'body' => '', 'response' => array('code' => false, 'message' => false), 'cookies' => array());
}
$headers_body = WP_HTTP::processResponse($strResponse);
$theHeaders = $headers_body['headers'];
$theBody = $headers_body['body'];
unset($headers_body);
$theHeaders = WP_Http::processHeaders($theHeaders);
if (!empty($theBody) && isset($theHeaders['headers']['transfer-encoding']) && 'chunked' == $theHeaders['headers']['transfer-encoding']) {
if (!WP_DEBUG) {
$theBody = @http_chunked_decode($theBody);
} else {
$theBody = http_chunked_decode($theBody);
}
}
if (true === $r['decompress'] && true === WP_Http_Encoding::should_decode($theHeaders['headers'])) {
$theBody = http_inflate($theBody);
}
$theResponse = array();
$theResponse['code'] = $info['response_code'];
$theResponse['message'] = get_status_header_desc($info['response_code']);
return array('headers' => $theHeaders['headers'], 'body' => $theBody, 'response' => $theResponse, 'cookies' => $theHeaders['cookies']);
}
/**
* Handles HTTP Redirects and follows them if appropriate.
*
* @since 3.7.0
*
* @static
*
* @param string $url The URL which was requested.
* @param array $args The Arguments which were used to make the request.
* @param array $response The Response of the HTTP request.
* @return false|object False if no redirect is present, a WP_HTTP or WP_Error result otherwise.
*/
public static function handle_redirects($url, $args, $response)
{
// If no redirects are present, or, redirects were not requested, perform no action.
if (!isset($response['headers']['location']) || 0 === $args['_redirection']) {
return false;
}
// Only perform redirections on redirection http codes.
if ($response['response']['code'] > 399 || $response['response']['code'] < 300) {
return false;
}
// Don't redirect if we've run out of redirects.
if ($args['redirection']-- <= 0) {
return new WP_Error('http_request_failed', __('Too many redirects.'));
}
$redirect_location = $response['headers']['location'];
// If there were multiple Location headers, use the last header specified.
if (is_array($redirect_location)) {
$redirect_location = array_pop($redirect_location);
}
$redirect_location = WP_HTTP::make_absolute_url($redirect_location, $url);
// POST requests should not POST to a redirected location.
if ('POST' == $args['method']) {
if (in_array($response['response']['code'], array(302, 303))) {
$args['method'] = 'GET';
}
}
// Include valid cookies in the redirect process.
if (!empty($response['cookies'])) {
foreach ($response['cookies'] as $cookie) {
if ($cookie->test($redirect_location)) {
$args['cookies'][] = $cookie;
}
}
}
return wp_remote_request($redirect_location, $args);
}
