1056 | | $signature_request = wp_safe_remote_get( $url . '.sig' ); |
1057 | | if ( ! is_wp_error( $signature_request ) && 200 === wp_remote_retrieve_response_code( $signature_request ) ) { |
1058 | | $signature = explode( "\n", wp_remote_retrieve_body( $signature_request ) ); |
| 1056 | |
| 1057 | $signature_url = false; |
| 1058 | $url_path = parse_url( $url, PHP_URL_PATH ); |
| 1059 | if ( substr( $url_path, -4 ) == '.zip' || substr( $url_path, -7 ) == '.tar.gz' ) { |
| 1060 | $signature_url = str_replace( $url_path, $url_path . '.sig', $url ); |
| 1061 | } |
| 1062 | |
| 1063 | /** |
| 1064 | * Filter the URL where the signature for a file is located. |
| 1065 | * |
| 1066 | * @since 5.2 |
| 1067 | * |
| 1068 | * @param false|string $signature_url The URL where signatures can be found for a file, or false if none are known. |
| 1069 | * @param string $url The URL being verified. |
| 1070 | */ |
| 1071 | $signature_url = apply_filters( 'wp_signature_url', $signature_url, $url ); |
| 1072 | |
| 1073 | if ( $signature_url ) { |
| 1074 | $signature_request = wp_safe_remote_get( |
| 1075 | $signature_url, |
| 1076 | array( |
| 1077 | 'limit_response_size' => 10 * 1024, // 10KB should be large enough for quite a few signatures. |
| 1078 | ) |
| 1079 | ); |
| 1080 | |
| 1081 | if ( ! is_wp_error( $signature_request ) && 200 === wp_remote_retrieve_response_code( $signature_request ) ) { |
| 1082 | $signature = explode( "\n", wp_remote_retrieve_body( $signature_request ) ); |
| 1083 | } |