WordPress.org

Make WordPress Core

Changeset 24917


Ignore:
Timestamp:
07/31/2013 06:52:13 AM (8 years ago)
Author:
nacin
Message:

Use wp_safe_remote_request() and friends instead of reject_unsafe_urls = true.

fixes #24646.

Location:
trunk
Files:
8 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/includes/class-wp-importer.php

    r24480 r24917  
    184184        $headers = array();
    185185        $args = array();
    186         $args['reject_unsafe_urls'] = true;
    187186        if ( true === $head )
    188187            $args['method'] = 'HEAD';
     
    192191        $args['headers'] = $headers;
    193192
    194         return wp_remote_request( $url, $args );
     193        return wp_safe_remote_request( $url, $args );
    195194    }
    196195
  • trunk/wp-admin/includes/file.php

    r24480 r24917  
    498498        return new WP_Error('http_no_file', __('Could not create Temporary file.'));
    499499
    500     $response = wp_remote_get( $url, array( 'timeout' => $timeout, 'stream' => true, 'filename' => $tmpfname, 'reject_unsafe_urls' => true ) );
     500    $response = wp_safe_remote_get( $url, array( 'timeout' => $timeout, 'stream' => true, 'filename' => $tmpfname ) );
    501501
    502502    if ( is_wp_error( $response ) ) {
  • trunk/wp-includes/class-feed.php

    r24480 r24917  
    7070                'timeout' => $this->timeout,
    7171                'redirection' => $this->redirects,
    72                 'reject_unsafe_urls' => true,
    7372            );
    7473
     
    7978                $args['user-agent'] = $this->useragent;
    8079
    81             $res = wp_remote_request($url, $args);
     80            $res = wp_safe_remote_request($url, $args);
    8281
    8382            if ( is_wp_error($res) ) {
  • trunk/wp-includes/class-oembed.php

    r24902 r24917  
    114114
    115115        // Fetch URL content
    116         if ( $html = wp_remote_retrieve_body( wp_remote_get( $url, array( 'reject_unsafe_urls' => true ) ) ) ) {
     116        if ( $html = wp_remote_retrieve_body( wp_safe_remote_get( $url ) ) ) {
    117117
    118118            // <link> types that contain oEmbed provider URLs
     
    196196    function _fetch_with_format( $provider_url_with_args, $format ) {
    197197        $provider_url_with_args = add_query_arg( 'format', $format, $provider_url_with_args );
    198         $response = wp_remote_get( $provider_url_with_args, array( 'reject_unsafe_urls' => true ) );
     198        $response = wp_safe_remote_get( $provider_url_with_args );
    199199        if ( 501 == wp_remote_retrieve_response_code( $response ) )
    200200            return new WP_Error( 'not-implemented' );
  • trunk/wp-includes/class-wp-xmlrpc-server.php

    r24871 r24917  
    53935393            'timeout' => 10,
    53945394            'redirection' => 0,
    5395             'reject_unsafe_urls' => true,
    53965395            'limit_response_size' => 153600, // 150 KB
    53975396        );
    5398         $linea = wp_remote_retrieve_body( wp_remote_get( $pagelinkedfrom, $http_api_args ) );
     5397        $linea = wp_remote_retrieve_body( wp_safe_remote_get( $pagelinkedfrom, $http_api_args ) );
    53995398
    54005399        if ( !$linea )
  • trunk/wp-includes/comment.php

    r24713 r24917  
    16591659        return false;
    16601660
    1661     $response = wp_remote_head( $url, array( 'timeout' => 2, 'httpversion' => '1.0', 'reject_unsafe_urls' => true ) );
     1661    $response = wp_safe_remote_head( $url, array( 'timeout' => 2, 'httpversion' => '1.0' ) );
    16621662
    16631663    if ( is_wp_error( $response ) )
     
    16721672
    16731673    // Now do a GET since we're going to look in the html headers (and we're sure it's not a binary file)
    1674     $response = wp_remote_get( $url, array( 'timeout' => 2, 'httpversion' => '1.0', 'reject_unsafe_urls' => true ) );
     1674    $response = wp_safe_remote_get( $url, array( 'timeout' => 2, 'httpversion' => '1.0' ) );
    16751675
    16761676    if ( is_wp_error( $response ) )
     
    19071907    $options = array();
    19081908    $options['timeout'] = 4;
    1909     $options['reject_unsafe_urls'] = true;
    19101909    $options['body'] = array(
    19111910        'title' => $title,
     
    19151914    );
    19161915
    1917     $response = wp_remote_post($trackback_url, $options);
     1916    $response = wp_safe_remote_post( $trackback_url, $options );
    19181917
    19191918    if ( is_wp_error( $response ) )
  • trunk/wp-includes/functions.php

    r24810 r24917  
    497497    $options = array();
    498498    $options['redirection'] = 5;
    499     $options['reject_unsafe_urls'] = true;
    500499
    501500    if ( false == $file_path )
     
    504503        $options['method'] = 'GET';
    505504
    506     $response = wp_remote_request($url, $options);
     505    $response = wp_safe_remote_request( $url, $options );
    507506
    508507    if ( is_wp_error( $response ) )
     
    545544        _deprecated_argument( __FUNCTION__, '2.7' );
    546545
    547     $response = wp_remote_head( $url, array( 'reject_unsafe_urls' => true ) );
     546    $response = wp_safe_remote_head( $url );
    548547
    549548    if ( is_wp_error( $response ) )
     
    760759    $options = array();
    761760    $options['timeout'] = 10;
    762     $options['reject_unsafe_urls'] = true;
    763 
    764     $response = wp_remote_get( $uri, $options );
     761
     762    $response = wp_safe_remote_get( $uri, $options );
    765763
    766764    if ( is_wp_error( $response ) )
  • trunk/wp-includes/rss.php

    r24480 r24917  
    537537 */
    538538function _fetch_remote_file($url, $headers = "" ) {
    539     $resp = wp_remote_request($url, array('headers' => $headers, 'timeout' => MAGPIE_FETCH_TIME_OUT, 'reject_unsafe_urls' => true ));
     539    $resp = wp_safe_remote_request( $url, array( 'headers' => $headers, 'timeout' => MAGPIE_FETCH_TIME_OUT ) );
    540540    if ( is_wp_error($resp) ) {
    541541        $error = array_shift($resp->errors);
Note: See TracChangeset for help on using the changeset viewer.