Index: src/wp-includes/class-http.php =================================================================== --- src/wp-includes/class-http.php (revision 35553) +++ src/wp-includes/class-http.php (working copy) @@ -140,7 +140,7 @@ $args = wp_parse_args( $args ); // By default, Head requests do not cause redirections. - if ( isset($args['method']) && 'HEAD' == $args['method'] ) + if ( isset( $args['method'] ) && 'HEAD' == $args['method'] ) $defaults['redirection'] = 0; $r = wp_parse_args( $args, $defaults ); @@ -192,7 +192,7 @@ $arrURL = @parse_url( $url ); if ( empty( $url ) || empty( $arrURL['scheme'] ) ) - return new WP_Error('http_request_failed', __('A valid URL was not provided.')); + return new WP_Error( 'http_request_failed', __( 'A valid URL was not provided.' ) ); if ( $this->block_request( $url ) ) return new WP_Error( 'http_request_failed', __( 'User has blocked requests through HTTP.' ) ); @@ -244,7 +244,7 @@ unset( $r['headers']['user-agent'] ); } - if ( '1.1' == $r['httpversion'] && !isset( $r['headers']['connection'] ) ) { + if ( '1.1' == $r['httpversion'] && ! isset( $r['headers']['connection'] ) ) { $r['headers']['connection'] = 'close'; } @@ -327,7 +327,7 @@ $class = 'WP_Http_' . $transport; // Check to see if this transport is a possibility, calls the transport statically. - if ( !call_user_func( array( $class, 'test' ), $args, $url ) ) + if ( ! call_user_func( array( $class, 'test' ), $args, $url ) ) continue; return $class; @@ -357,7 +357,7 @@ static $transports = array(); $class = $this->_get_first_available_transport( $args, $url ); - if ( !$class ) + if ( ! $class ) return new WP_Error( 'http_failure', __( 'There are no HTTP transports available which can complete the requested request.' ) ); // Transport claims to support request, instantiate it and give it a whirl. @@ -406,10 +406,10 @@ * @param string|array $args Optional. Override the defaults. * @return array|WP_Error Array containing 'headers', 'body', 'response', 'cookies', 'filename'. A WP_Error instance upon error */ - public function post($url, $args = array()) { - $defaults = array('method' => 'POST'); + public function post( $url, $args = array() ) { + $defaults = array( 'method' => 'POST' ); $r = wp_parse_args( $args, $defaults ); - return $this->request($url, $r); + return $this->request( $url, $r ); } /** @@ -424,10 +424,10 @@ * @param string|array $args Optional. Override the defaults. * @return array|WP_Error Array containing 'headers', 'body', 'response', 'cookies', 'filename'. A WP_Error instance upon error */ - public function get($url, $args = array()) { - $defaults = array('method' => 'GET'); + public function get( $url, $args = array() ) { + $defaults = array( 'method' => 'GET' ); $r = wp_parse_args( $args, $defaults ); - return $this->request($url, $r); + return $this->request( $url, $r ); } /** @@ -442,10 +442,10 @@ * @param string|array $args Optional. Override the defaults. * @return array|WP_Error Array containing 'headers', 'body', 'response', 'cookies', 'filename'. A WP_Error instance upon error */ - public function head($url, $args = array()) { - $defaults = array('method' => 'HEAD'); + public function head( $url, $args = array() ) { + $defaults = array( 'method' => 'HEAD' ); $r = wp_parse_args( $args, $defaults ); - return $this->request($url, $r); + return $this->request( $url, $r ); } /** @@ -458,10 +458,10 @@ * @param string $strResponse The full response string * @return array Array with 'headers' and 'body' keys. */ - public static function processResponse($strResponse) { - $res = explode("\r\n\r\n", $strResponse, 2); + public static function processResponse( $strResponse ) { + $res = explode( "\r\n\r\n", $strResponse, 2 ); - return array('headers' => $res[0], 'body' => isset($res[1]) ? $res[1] : ''); + return array( 'headers' => $res[0], 'body' => isset( $res[1] ) ? $res[1] : '' ); } /** @@ -481,27 +481,27 @@ */ public static function processHeaders( $headers, $url = '' ) { // Split headers, one per array element. - if ( is_string($headers) ) { + if ( is_string( $headers ) ) { // Tolerate line terminator: CRLF = LF (RFC 2616 19.3). - $headers = str_replace("\r\n", "\n", $headers); + $headers = str_replace( "\r\n", "\n", $headers ); /* * Unfold folded header fields. LWS = [CRLF] 1*( SP | HT ) , * (RFC 2616 2.2). */ - $headers = preg_replace('/\n[ \t]/', ' ', $headers); + $headers = preg_replace( '/\n[ \t]/', ' ', $headers ); // Create the headers array. - $headers = explode("\n", $headers); + $headers = explode( "\n", $headers ); } - $response = array('code' => 0, 'message' => ''); + $response = array( 'code' => 0, 'message' => '' ); /* * If a redirection has taken place, The headers for each page request may have been passed. * In this case, determine the final HTTP header and parse from there. */ - for ( $i = count($headers)-1; $i >= 0; $i-- ) { - if ( !empty($headers[$i]) && false === strpos($headers[$i], ':') ) { - $headers = array_splice($headers, $i); + for ( $i = count( $headers )-1; $i >= 0; $i-- ) { + if ( ! empty( $headers[$i] ) && false === strpos( $headers[$i], ':' ) ) { + $headers = array_splice( $headers, $i ); break; } } @@ -509,17 +509,17 @@ $cookies = array(); $newheaders = array(); foreach ( (array) $headers as $tempheader ) { - if ( empty($tempheader) ) + if ( empty( $tempheader ) ) continue; - if ( false === strpos($tempheader, ':') ) { - $stack = explode(' ', $tempheader, 3); + if ( false === strpos( $tempheader, ':' ) ) { + $stack = explode( ' ', $tempheader, 3 ); $stack[] = ''; - list( , $response['code'], $response['message']) = $stack; + list( , $response['code'], $response['message'] ) = $stack; continue; } - list($key, $value) = explode(':', $tempheader, 2); + list( $key, $value ) = explode( ':', $tempheader, 2 ); $key = strtolower( $key ); $value = trim( $value ); @@ -538,7 +538,7 @@ // Cast the Response Code to an int $response['code'] = intval( $response['code'] ); - return array('response' => $response, 'headers' => $newheaders, 'cookies' => $cookies); + return array( 'response' => $response, 'headers' => $newheaders, 'cookies' => $cookies ); } /** @@ -555,7 +555,7 @@ * @param array $r Full array of args passed into ::request() */ public static function buildCookieHeader( &$r ) { - if ( ! empty($r['cookies']) ) { + if ( ! empty( $r['cookies'] ) ) { // Upgrade any name => value cookie pairs to WP_HTTP_Cookie instances. foreach ( $r['cookies'] as $name => $value ) { if ( ! is_object( $value ) ) @@ -638,16 +638,16 @@ * @param string $uri URI of url. * @return bool True to block, false to allow. */ - public function block_request($uri) { + public function block_request( $uri ) { // We don't need to block requests, because nothing is blocked. if ( ! defined( 'WP_HTTP_BLOCK_EXTERNAL' ) || ! WP_HTTP_BLOCK_EXTERNAL ) return false; - $check = parse_url($uri); + $check = parse_url( $uri ); if ( ! $check ) return true; - $home = parse_url( get_option('siteurl') ); + $home = parse_url( get_option( 'siteurl' ) ); // Don't block requests back to ourselves by default. if ( 'localhost' == $check['host'] || ( isset( $home['host'] ) && $home['host'] == $check['host'] ) ) { @@ -662,24 +662,24 @@ return apply_filters( 'block_local_requests', false ); } - if ( !defined('WP_ACCESSIBLE_HOSTS') ) + if ( ! defined( 'WP_ACCESSIBLE_HOSTS' ) ) return true; static $accessible_hosts = null; static $wildcard_regex = array(); if ( null === $accessible_hosts ) { - $accessible_hosts = preg_split('|,\s*|', WP_ACCESSIBLE_HOSTS); + $accessible_hosts = preg_split( '|,\s*|', WP_ACCESSIBLE_HOSTS ); - if ( false !== strpos(WP_ACCESSIBLE_HOSTS, '*') ) { + if ( false !== strpos( WP_ACCESSIBLE_HOSTS, '*' ) ) { $wildcard_regex = array(); foreach ( $accessible_hosts as $host ) $wildcard_regex[] = str_replace( '\*', '.+', preg_quote( $host, '/' ) ); - $wildcard_regex = '/^(' . implode('|', $wildcard_regex) . ')$/i'; + $wildcard_regex = '/^(' . implode( '|', $wildcard_regex ) . ')$/i'; } } - if ( !empty($wildcard_regex) ) - return !preg_match($wildcard_regex, $check['host']); + if ( ! empty( $wildcard_regex ) ) + return !preg_match( $wildcard_regex, $check['host'] ); else return !in_array( $check['host'], $accessible_hosts ); //Inverse logic, If it's in the array, then we can't access it. @@ -799,7 +799,7 @@ // Don't redirect if we've run out of redirects. if ( $args['redirection']-- <= 0 ) - return new WP_Error( 'http_request_failed', __('Too many redirects.') ); + return new WP_Error( 'http_request_failed', __( 'Too many redirects.' ) ); $redirect_location = $response['headers']['location']; @@ -843,7 +843,7 @@ * @return integer|bool Upon success, '4' or '6' to represent a IPv4 or IPv6 address, false upon failure */ public static function is_ip_address( $maybe_ip ) { - if ( preg_match( '/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/', $maybe_ip ) ) + if ( preg_match( '/^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$/', $maybe_ip ) ) return 4; if ( false !== strpos( $maybe_ip, ':' ) && preg_match( '/^(((?=.*(::))(?!.*\3.+\3))\3?|([\dA-F]{1,4}(\3|:\b|$)|\2))(?4){5}((?4){2}|(((2[0-4]|1\d|[1-9])?\d|25[0-5])\.?\b){4})$/i', trim( $maybe_ip, ' []' ) ) ) Index: tests/phpunit/tests/http/http.php =================================================================== --- tests/phpunit/tests/http/http.php (revision 35553) +++ tests/phpunit/tests/http/http.php (working copy) @@ -102,4 +102,87 @@ - ://example.com - assumed path in PHP >= 5.4.7, fails in <5.4.7 */ } + + /** + * @dataProvider ip_address_testcases + */ + function test_is_ip_address( $maybe_ip, $expected ) { + $actual = WP_Http::is_ip_address( $maybe_ip ); + $this->assertEquals( $expected, $actual ); + } + + function ip_address_testcases() { + // 0: The IP Address, 1: The expected resulting + return array( + // Valid IPv4 address + // See: http://tools.ietf.org/html/rfc5737 + array( '0.0.0.0', 4 ), + array( '127.0.0.1', 4 ), // The loopback address + array( '192.0.2.0', 4 ), // RFC 5737 - IPv4 Address Blocks Reserved for Documentation + array( '198.51.100.0', 4 ), // RFC 5737 - IPv4 Address Blocks Reserved for Documentation + array( '203.0.113.0', 4 ), // RFC 5737 - IPv4 Address Blocks Reserved for Documentation + array( '255.255.255.255', 4 ), + + // Invalid IPv4 address + array( '256.255.255.255', false ), // The first octet is out of range + array( '255.256.255.255', false ), // The second octet is out of range + array( '255.255.256.255', false ), // The third octet is out of range + array( '255.255.255.256', false ), // The fourth octet is out of range + array( '999.999.999.999', false ), // All octet is out of range + array( '2000.1.1.1', false ), + array( '1.2000.1.1', false ), + array( '1.1.2000.1', false ), + array( '1.1.1.2000', false ), + array( '2000.2000.2000.2000', false ), + + // Valid IPv6 address + // See: http://tools.ietf.org/html/rfc4291 + array( '0:0:0:0:0:0:0:0', 6 ), // The unspecified address + array( '::', 6 ), // The unspecified address (in compressed form) + array( '0:0:0:0:0:0:0:1', 6 ), // The loopback address + array( '::1', 6 ), // The loopback address (in compressed form) + array( '2001:db8::', 6 ), // RFC 3849 - IPv6 Address Prefix Reserved for Documentation + array( '2001:0db8:0000:0000:0000:0000:dead:beaf', 6 ), + array( '2001:db8:0:0:0:0:dead:beaf', 6 ), + array( '2001:db8::dead:beaf', 6 ), + array( 'ABCD:EF01:2345:6789:ABCD:EF01:2345:6789', 6 ), // RFC 4291 - Example + array( '2001:DB8:0:0:8:800:200C:417A', 6 ), // RFC 4291 - Example of unicast address + array( '2001:DB8::8:800:200C:417A', 6 ), // RFC 4291 - Example of unicast address (in compressed form) + array( 'FF01:0:0:0:0:0:0:101', 6 ), // RFC 4291 - Example of multicast address + array( 'FF01::101', 6 ), // RFC 4291 - Example of multicast address (in compressed form) + array( '0:0:0:0:0:0:13.1.68.3', 6 ), // RFC 4291 - Example of an alternative form with a mixed environment of IPv4 and IPv6 nodes + array( '::13.1.68.3', 6 ), // RFC 4291 - Example of an alternative form with a mixed environment of IPv4 and IPv6 nodes (in compressed form) + array( '0:0:0:0:0:FFFF:129.144.52.38', 6 ), // RFC 4291 - Example of an alternative form with a mixed environment of IPv4 and IPv6 nodes + array( '::FFFF:129.144.52.38', 6 ), // RFC 4291 - Example of an alternative form with a mixed environment of IPv4 and IPv6 nodes (in compressed form) + + // Invalid IPv6 address + // See: https://github.com/richb-intermapper/IPv6-Regex + array( '2001:DB8:0:0:8:800:200C:417A:221', false ), // unicast full + array( 'FF01::101::2', false ), // multicast compressed + array( '02001:0000:1234:0000:0000:C1C0:ABCD:0876', false ), // extra 0 not allowed + array( '2001:0000:1234:0000:00001:C1C0:ABCD:0876', false ), // extra 0 not allowed + array( '2001:0000:1234:0000:0000:C1C0:ABCD:0876 0', false ), // junk after valid address + array( '2001:0000:1234: 0000:0000:C1C0:ABCD:0876', false ), // internal space + array( '3ffe:0b00:0000:0001:0000:0000:000a', false ), // Segments is less than 8 + array( 'FF02:0000:0000:0000:0000:0000:0000:0000:0001', false ), // Segments is over 8 + array( '3ffe:b00::1::a', false ), // Compressed double + array( '::1111:2222:3333:4444:5555:6666::', false ), // Compressed double + array( '1::5:400.2.3.4', false ), // Embedded ipv4 address is out of range + array( '1::5:192.168.0.256', false ), // Embedded ipv4 address is out of range + array( '2001:1:1:1:1:1:255Z255X255Y255', false ), // garbage instead of "." in IPv4 + array( '::ffff:192x168.1.26', false ), // ditto + array( '::ffff:2.3.4', false ), // has ipv4 octet lost + array( '1.2.3.4:1111:2222:3333:4444::5555', false ), // Aeron + array( ':', false ), + array( ':::', false ), + + // other + array( '123', false ), + array( 'ldkfj', false ), + array( '.', false ), + array( '..', false ), + array( '...', false ), + + ); + } }