Changeset 41605 for trunk/src/wp-admin/includes/credits.php

Timestamp:

09/27/2017 07:59:14 AM (9 years ago)

Author:

dd32

Message:

Standardise on performing api.WordPress.org requests over SSL when possible, falling back to non-SSL when appropriate.
This also standardises the User-Agent used when communicating with WordPress.org, allowing for more consistent version detection.

Fixes #42004.

File:

• trunk/src/wp-admin/includes/credits.php (modified) (2 diffs)

trunk/src/wp-admin/includes/credits.php

@@ -16 +16 @@
  */
 function wp_credits() {
-    $wp_version = get_bloginfo( 'version' );
+    // include an unmodified $wp_version
+    include( ABSPATH . WPINC . '/version.php' );
+
     $locale = get_user_locale();
 
@@ -25 +27 @@
         || ( isset( $results['data']['version'] ) && strpos( $wp_version, $results['data']['version'] ) !== 0 )
     ) {
-        $response = wp_remote_get( "http://api.wordpress.org/core/credits/1.1/?version={$wp_version}&locale={$locale}" );
+        $url = "http://api.wordpress.org/core/credits/1.1/?version={$wp_version}&locale={$locale}";
+        $options = array( 'user-agent' => 'WordPress/' . $wp_version . '; ' . home_url( '/' ) );
+
+        if ( wp_http_supports( array( 'ssl' ) ) ) {
+            $url = set_url_scheme( $url, 'https' );
+        }
+
+        $response = wp_remote_get( $url, $options );
 
         if ( is_wp_error( $response ) || 200 != wp_remote_retrieve_response_code( $response ) )