Ticket #58494: 58494.diff

src/wp-admin/includes/class-wp-site-health.php

@@ -1560 +1560 @@
          */
         public function get_test_https_status() {
                 /*
-                 * Enforce fresh HTTPS detection results. This is normally invoked by using cron,
-                 * but for Site Health it should always rely on the latest results.
+                 * Check HTTPS detection results.
                  */
-                wp_update_https_detection_errors();
+                $errors = wp_get_https_detection_errors();
 
                 $default_update_url = wp_get_default_update_https_url();
 

src/wp-includes/default-filters.php

@@ -388 +388 @@
         add_action( 'init', 'wp_cron' );
 }
 
-// HTTPS detection.
-add_action( 'init', 'wp_schedule_https_detection' );
-add_action( 'wp_https_detection', 'wp_update_https_detection_errors' );
-add_filter( 'cron_request', 'wp_cron_conditionally_prevent_sslverify', 9999 );
-
 // HTTPS migration.
 add_action( 'update_option_home', 'wp_update_https_migration_required', 10, 2 );
 

src/wp-includes/deprecated.php

@@ -5367 +5367 @@
 
         return $colors;
 }
+
+
+/**
+ * Runs a remote HTTPS request to detect whether HTTPS supported, and stores potential errors.
+ *
+ * This internal function is called by a regular Cron hook to ensure HTTPS support is detected and maintained.
+ *
+ * @since 5.7.0
+ * @deprecated 6.4.0 The `wp_update_https_detection_errors()` function is no longer used and has been replaced by
+ *                   `wp_get_https_detection_errors()`. Previously the function was called by a regular Cron hook to
+ *                    update the `https_detection_errors` option, but this is no longer necessary as the errors are
+ *                    retrieved directly in Site Health and no longer used outside of Site Health.
+ * @access private
+ */
+function wp_update_https_detection_errors() {
+        _deprecated_function( __FUNCTION__, '6.4.0' );
+
+        /**
+         * Short-circuits the process of detecting errors related to HTTPS support.
+         *
+         * Returning a `WP_Error` from the filter will effectively short-circuit the default logic of trying a remote
+         * request to the site over HTTPS, storing the errors array from the returned `WP_Error` instead.
+         *
+         * @since 5.7.0
+         *
+         * @param null|WP_Error $pre Error object to short-circuit detection,
+         *                           or null to continue with the default behavior.
+         */
+        $support_errors = apply_filters( 'pre_wp_update_https_detection_errors', null );
+        if ( is_wp_error( $support_errors ) ) {
+                update_option( 'https_detection_errors', $support_errors->errors );
+                return;
+        }
+
+        $support_errors = wp_get_https_detection_errors();
+
+        update_option( 'https_detection_errors', $support_errors );
+}
+ No newline at end of file

src/wp-includes/https-detection.php

@@ -86 +86 @@
  *
  * This internal function is called by a regular Cron hook to ensure HTTPS support is detected and maintained.
  *
- * @since 5.7.0
+ * @since 6.4.0
  * @access private
  */
-function wp_update_https_detection_errors() {
+function wp_get_https_detection_errors() {
         /**
          * Short-circuits the process of detecting errors related to HTTPS support.
          *
          * Returning a `WP_Error` from the filter will effectively short-circuit the default logic of trying a remote
          * request to the site over HTTPS, storing the errors array from the returned `WP_Error` instead.
          *
-         * @since 5.7.0
+         * @since 6.4.0
          *
          * @param null|WP_Error $pre Error object to short-circuit detection,
          *                           or null to continue with the default behavior.
+         * @return null|WP_Error Error object if HTTPS detection errors are found, null otherwise.
          */
-        $support_errors = apply_filters( 'pre_wp_update_https_detection_errors', null );
+        $support_errors = apply_filters( 'pre_wp_get_https_detection_errors', null );
         if ( is_wp_error( $support_errors ) ) {
-                update_option( 'https_detection_errors', $support_errors->errors );
-                return;
+                return $support_errors->errors;
         }
 
         $support_errors = new WP_Error();
@@ -153 +153 @@
                 }
         }
 
-        update_option( 'https_detection_errors', $support_errors->errors );
-}
-
-/**
- * Schedules the Cron hook for detecting HTTPS support.
- *
- * @since 5.7.0
- * @access private
- */
-function wp_schedule_https_detection() {
-        if ( wp_installing() ) {
-                return;
+        // Remove the previously cron scheduled https check (since version 6.4).
+        $scheduled = wp_get_scheduled_event( 'wp_https_detection' );
+        if ( $scheduled && false !== $scheduled->schedule ) {
+                wp_unschedule_event( $scheduled->timestamp, $scheduled->schedule, 'wp_https_detection' );
         }
 
-        if ( ! wp_next_scheduled( 'wp_https_detection' ) ) {
-                wp_schedule_event( time(), 'twicedaily', 'wp_https_detection' );
-        }
-}
-
-/**
- * Disables SSL verification if the 'cron_request' arguments include an HTTPS URL.
- *
- * This prevents an issue if HTTPS breaks, where there would be a failed attempt to verify HTTPS.
- *
- * @since 5.7.0
- * @access private
- *
- * @param array $request The cron request arguments.
- * @return array The filtered cron request arguments.
- */
-function wp_cron_conditionally_prevent_sslverify( $request ) {
-        if ( 'https' === wp_parse_url( $request['url'], PHP_URL_SCHEME ) ) {
-                $request['args']['sslverify'] = false;
-        }
-        return $request;
+        return $support_errors->errors;
 }
 
 /**

tests/phpunit/tests/https-detection.php

@@ -141 +141 @@
                 );
         }
 
-        /**
-         * @ticket 47577
-         */
-        public function test_wp_schedule_https_detection() {
-                wp_schedule_https_detection();
-                $this->assertSame( 'twicedaily', wp_get_schedule( 'wp_https_detection' ) );
-        }
-
-        /**
-         * @ticket 47577
-         */
-        public function test_wp_cron_conditionally_prevent_sslverify() {
-                // If URL is not using HTTPS, don't set 'sslverify' to false.
-                $request = array(
-                        'url'  => 'http://example.com/',
-                        'args' => array( 'sslverify' => true ),
-                );
-                $this->assertSame( $request, wp_cron_conditionally_prevent_sslverify( $request ) );
-
-                // If URL is using HTTPS, set 'sslverify' to false.
-                $request                       = array(
-                        'url'  => 'https://example.com/',
-                        'args' => array( 'sslverify' => true ),
-                );
-                $expected                      = $request;
-                $expected['args']['sslverify'] = false;
-                $this->assertSame( $expected, wp_cron_conditionally_prevent_sslverify( $request ) );
-        }
-
         /**
          * @ticket 47577
          * @ticket 52542