WordPress.org

Make WordPress Core

Context Navigation

← Previous Change
Next Change →

Changeset 46493 for branches/4.9/src/wp-includes/http.php

Timestamp:

10/14/2019 06:38:34 PM (2 months ago)

Author:

whyisjake

Message:

Backporting several bug fixes.

Query: Remove the static query property.
HTTP API: Protect against hex interpretation.
Filesystem API: Prevent directory travelersals when creating new folders.
Administration: Ensure that admin referer nonce is valid.
REST API: Send a Vary: Origin header on GET requests.

Backports [46474], [46475], [46476], [46477], [46478], [46483], [46485] to the 5.0 branch.

File:

: 1 edited

branches/4.9/src/wp-includes/http.php (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

branches/4.9/src/wp-includes/http.php

-                      r42908
+                      r46493
         } else {
             $ip = gethostbyname( $host );
+            if ( $ip === $host ) // Error condition for gethostbyname()
+                $ip = false;
+            if ( $ip === $host ) { // Error condition for gethostbyname()
+                return false;
+            }
+        }
         if ( $ip ) {

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Download in other formats: