Make WordPress Core

Ticket #58433: 58433-poc.diff

File 58433-poc.diff, 1.5 KB (added by peterwilsoncc, 18 months ago)
  • src/wp-admin/load-scripts.php

    diff --git a/src/wp-admin/load-scripts.php b/src/wp-admin/load-scripts.php
    index 5675b86570..d761cf4f72 100644
    a b wp_default_scripts( $wp_scripts ); 
    4545wp_default_packages_vendor( $wp_scripts );
    4646wp_default_packages_scripts( $wp_scripts );
    4747
    48 if ( isset( $_SERVER['HTTP_IF_NONE_MATCH'] ) && stripslashes( $_SERVER['HTTP_IF_NONE_MATCH'] ) === $wp_version ) {
     48$etag = "WP:{$wp_version};";
     49
     50foreach ( $load as $handle ) {
     51        if ( ! array_key_exists( $handle, $wp_scripts->registered ) ) {
     52                continue;
     53        }
     54
     55        $etag .= "{$handle}:{$wp_scripts->registered[ $handle ]->ver};";
     56}
     57
     58/*
     59 * This is not intended to be cryptographically secure, just a fast way to get
     60 * a fixed length string based on the script versions. As this file does not
     61 * load the WordPress full WordPress environment, it is not possible to use
     62 * the salted wp_hash() function.
     63 */
     64$etag = md5( $etag );
     65
     66if ( isset( $_SERVER['HTTP_IF_NONE_MATCH'] ) && stripslashes( $_SERVER['HTTP_IF_NONE_MATCH'] ) === $etag ) {
    4967        header( "$protocol 304 Not Modified" );
    5068        exit;
    5169}
    foreach ( $load as $handle ) { 
    5977        $out .= get_file( $path ) . "\n";
    6078}
    6179
    62 header( "Etag: $wp_version" );
     80header( "Etag: $etag" );
    6381header( 'Content-Type: application/javascript; charset=UTF-8' );
    6482header( 'Expires: ' . gmdate( 'D, d M Y H:i:s', time() + $expires_offset ) . ' GMT' );
    6583header( "Cache-Control: public, max-age=$expires_offset" );