Ticket #25229: http.php.4.diff
File http.php.4.diff, 2.3 KB (added by , 11 years ago) |
---|
-
wp-includes/http.php
338 338 if ( ! empty ( $_SERVER[ 'HTTP_ORIGIN' ] ) ) 339 339 $origin = $_SERVER[ 'HTTP_ORIGIN' ]; 340 340 341 /** 342 * Change the origin of an HTTP requestion. 343 * 344 * @since 3.4.0 345 * 346 * @param string $origin The original origin for the request. 347 */ 341 348 return apply_filters( 'http_origin', $origin ); 342 349 } 343 350 344 351 /** 345 * Retrieve list of allowed httporigins.352 * Retrieve list of allowed HTTP origins. 346 353 * 347 354 * @since 3.4.0 348 355 * … … 360 367 'https://' . $home_origin[ 'host' ], 361 368 ) ); 362 369 370 /** 371 * Change the origin types allowed for HTTP requests. 372 * 373 * @since 3.4.0 374 * 375 * @param array $allowed_origins { 376 * Default allowed HTTP origins. 377 * @type string Non-secure URL for admin origin. 378 * @type string Secure URL for admin origin. 379 * @type string Non-secure URL for home origin. 380 * @type string Secure URL for home origin. 381 * } 382 */ 363 383 return apply_filters( 'allowed_http_origins' , $allowed_origins ); 364 384 } 365 385 366 386 /** 367 * Determines if the httporigin is an authorized one.387 * Determines if the HTTP origin is an authorized one. 368 388 * 369 389 * @since 3.4.0 370 390 * … … 380 400 if ( $origin && ! in_array( $origin, get_allowed_http_origins() ) ) 381 401 $origin = ''; 382 402 403 /** 404 * Change the allowed HTTP origin result. 405 * 406 * @since 3.4.0 407 * 408 * @param string $origin Result of check for allowed origin. 409 * @param string $origin_arg original origin string passed into is_allowed_http_origin function. 410 */ 383 411 return apply_filters( 'allowed_http_origin', $origin, $origin_arg ); 384 412 } 385 413 … … 458 486 || ( 192 === $parts[0] && 168 === $parts[1] ) 459 487 ) { 460 488 // If host appears local, reject unless specifically allowed. 489 /** 490 * Check if HTTP request is external or not. 491 * 492 * Allows to change and allow external requests for the HTTP request. 493 * 494 * @since 3.6.0 495 * 496 * @param bool false Whether HTTP request is external or not. 497 * @param string $host IP of the requested host. 498 * @param string $url URL of the requested host. 499 */ 461 500 if ( ! apply_filters( 'http_request_host_is_external', false, $host, $url ) ) 462 501 return false; 463 502 }