Ticket #41934: is_bad_request_test_revision2.php

File is_bad_request_test_revision2.php, 2.7 KB (added by rpayne7264, 19 months ago)

Removed 'ico' param in wp_favicon_request_x() code

1<?php
2// Load the WordPress Environment
3// define( 'WP_DEBUG', true ); /* uncomment for debug mode */
4
5
6require('./wp-load.php');
7
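/**
 * Check if we have received a junk request, based on file extension.
 *
 * An extension is considered junk when it appears among the pipe-separated
 * keys of the list returned by wp_get_mime_types().
 *
 * Use the 'wp_is_bad_request_extensions' filter to add or remove entries of
 * that list; removing an entry means requests for that extension are no
 * longer flagged.
 *
 * Use the 'wp_is_bad_request' filter to return the boolean value of a custom evaluation.
 *
 * As a 'best practice', plugin developers should utilize this function as a
 * way to prevent running plugin code unnecessarily.
 *
 * Security note: when no extension is passed, the value is derived from
 * $_SERVER['REQUEST_URI'], which is chosen by the client. Treat the result as
 * a performance hint only. Code that enforces authentication, authorisation,
 * rate limiting or audit logging must not be skipped on the strength of it.
 *
 * NOTE(review): a URL that WordPress answers itself but that ends in a listed
 * extension would also be flagged (for example a virtual robots.txt, if 'txt'
 * is among the keys of wp_get_mime_types()) - confirm against the list.
 *
 * @uses wp_get_mime_types() to retrieve list of mime types and file extensions.
 *
 * @author Robert D Payne <rpayne@rdptechsolutions.com>
 *
 * @param string $extension Extension of requested file. When empty, the
 *                          extension of the current request path is used.
 * @return bool True if the HTTP request is considered junk, false otherwise
 */
function wp_is_bad_request($extension = '') {
    // Non-scalar input (array, object, null) is handled as "nothing passed".
    $extension = is_scalar( $extension ) ? (string) $extension : '';

    // Compare against '' rather than empty(): empty() would also discard an
    // explicitly passed extension of "0" and fall back to the request URI.
    if ( '' === $extension ) {
        $url = isset( $_SERVER['REQUEST_URI'] ) ? (string) $_SERVER['REQUEST_URI'] : '';

        // parse_url() yields false for a malformed URL and null when there is
        // no path component; both mean there is no extension to inspect.
        $path      = parse_url( $url, PHP_URL_PATH );
        $extension = is_string( $path ) ? pathinfo( $path, PATHINFO_EXTENSION ) : '';
    }

    $isBad = false;

    if ( '' !== $extension ) {
        $ext   = strtolower( $extension );
        $mimes = apply_filters( 'wp_is_bad_request_extensions', wp_get_mime_types() );

        // Flatten keys such as 'jpg|jpeg|jpe' into single extensions. Appending
        // avoids re-copying the whole list on every iteration, as array_merge() did.
        $extList = array();
        foreach ( array_keys( (array) $mimes ) as $key ) {
            foreach ( explode( '|', (string) $key ) as $candidate ) {
                $extList[] = $candidate;
            }
        }

        // Strict comparison: both sides are strings, so no type juggling is wanted.
        $isBad = in_array( $ext, $extList, true );
    }

    // The docblock promises a bool, so normalise whatever a filter callback returns.
    return (bool) apply_filters( 'wp_is_bad_request', $isBad );
}// wp_is_bad_request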
51
52
// Allow HTTP requests for audio files: rdp_mime_types_filter() takes the audio
// entries out of the extension list that wp_is_bad_request() checks.
// Priority 10 and one accepted argument are add_filter()'s defaults, written out.
add_filter( 'wp_is_bad_request_extensions', 'rdp_mime_types_filter', 10, 1 );
/**
 * Callback for the 'wp_is_bad_request_extensions' filter: removes the audio
 * entries so that requests for those extensions are not flagged.
 *
 * @param array $mimes List whose keys are pipe-separated file extensions.
 * @return array The same list without the audio keys named below.
 */
function rdp_mime_types_filter($mimes){
    // Diagnostic output for this test page. Because it is printed from inside a
    // filter callback, any header() call made after the filter has run (as in
    // wp_favicon_request_x()) happens once output has already started.
    echo 'apply filter to allow HTTP requests for audio files';

    $audioKeys = array(
        'mp3|m4a|m4b',
        'ra|ram',
        'wav',
        'ogg|oga',
        'mid|midi',
        'wma',
        'wax',
        'mka',
    );

    // unset() on a key that is not present is a no-op, so no existence check is needed.
    foreach ($audioKeys as $audioKey) {
        unset($mimes[$audioKey]);
    }

    return $mimes;
}
67
// Manual checks. Each entry holds the call as it is displayed, the expected
// result as it is displayed, and the arguments actually passed.
$rdp_cases = array(
    // No argument: the extension is taken from the current request URI.
    array( 'wp_is_bad_request()', 'false', array() ),
    // ico extension
    array( "wp_is_bad_request('ico')", 'true', array( 'ico' ) ),
    // wav extension: removed from the list by rdp_mime_types_filter()
    array( "wp_is_bad_request('wav')", 'false', array( 'wav' ) ),
);

foreach ( $rdp_cases as $rdp_case ) {
    echo 'test: ' . $rdp_case[0] . '<br>';
    echo 'expected value: ' . $rdp_case[1] . '<br>';
    $isBad = call_user_func_array( 'wp_is_bad_request', $rdp_case[2] );
    var_dump( $isBad );
}
84
85
86
87
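/**
 * Stop handling a junk request early instead of continuing with a full page load.
 *
 * wp_is_bad_request() is called without an argument, so the decision is based
 * on the extension of the current request URI and is not limited to
 * favicon.ico. When the request is flagged, an icon Content-Type header is
 * sent and the script exits without a body.
 *
 * NOTE(review): the icon Content-Type is sent for every flagged extension and
 * no status line is set here, so a flagged request for a missing image,
 * document or archive is answered as an empty icon rather than as "not
 * found". Confirm that this is the intended response.
 *
 * @since 3.0.0
 */
function wp_favicon_request_x() {
    if ( ! wp_is_bad_request() ) {
        return;
    }

    // header() raises a warning once output has started (for example when a
    // filter callback has already echoed), so only send it while headers are open.
    if ( ! headers_sent() ) {
        header( 'Content-Type: image/vnd.microsoft.icon' );
    }

    exit;
}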
101}