Make WordPress Core

Opened 6 years ago

Closed 6 years ago

Last modified 6 years ago

#14636 closed enhancement (fixed)

Support wildcard expressions in WP_PROXY_BYPASS_HOSTS (and WP_ACCESSIBLE_HOSTS)

Reported by: sit Owned by:
Milestone: 3.1 Priority: normal
Severity: normal Version: 3.1
Component: HTTP API Keywords:
Focuses: Cc:


When configuring a proxy inside a firewall, a common configuration is to have all external requests go through a proxy and allow internal requests to proceed directly. In such cases, it would be useful to allow wildcard expressions to apply to exclusions so that all internal requests could be specified simply. However, today, if I want to send everything but *.wordpress.com requests through to a proxy, there is no way to express that using WP_PROXY_BYPASS_HOSTS. Instead, each host needs to be explicitly listed, which is not feasible.

I suppose, ideally, Wordpress would support proxy auto config (.pac files http://en.wikipedia.org/wiki/Proxy_auto-config) but just simple wildcard support would be a very useful improvement.

Adding wild-cards could be accomplished by updating the uses of in_array in wp-includes/class-http.php (say, in WP_HTTP_Proxy's send_through_proxy at line 1634 in trunk today) to use fnmatch (as described here http://www.mattgregg.com/php-wildcard-match-in-an-array.html or in some of the comments under http://php.net/manual/en/function.in-array.php for example). It looks like it should be a pretty straight-forward change.

Change History (7)

#1 @jacobsantos
6 years ago

.PAC probably not going to be supported any time soon. I suppose would be better to setup some filters to allow for the Proxy to have a plugin manage it all. Really I think a better algorithm in this specific (and not general) case would be as follows:

// Only enter this branch when the wildcard is used.
if( false !== strpos(domain, '*.') ) {
    // '*' is a wildcard, but in preg regex it means nothing on its own.
    // Convert it to its rightful wildcard regex and make it and the subdomain
    // optional. We also want to make the wildcard nongreedy to prevent matching
    // the entire domain.
    $regex = preg_quote( str_replace('*.', '(.*?\.)?' domain) );
    if( false !== preg_match( '/'.$regex.'/i', domain ) ) {
        return true;

// Do it the old way.

#2 @hakre
6 years ago

Instead of Javascript, a .PAC based on PHP (just include it into a class and then call the function) could be made.

#3 @jacobsantos
6 years ago

Proxy support has always seemed like a fringe case. I think modifying the code to allow for a plugin to be created which either supports .PAC or a PHP version of it would be better as it might only be one line.

Support should be that no one has to modify a line of code, but I don't believe it is worth spending many hours implementing a full version.

#4 @dd32
6 years ago

If any filters need to be added to make it possible for a plugin to filter/control the proxy handling, then if someone can provide a patch i'll get it in.

#5 @sit
6 years ago

For what it's worth, it'd be fine with me if the simple prefix handling proposed by jacobsantos were committed for the next minor release. I'd consider that a satisfactory resolution to this ticket.

#6 @dd32
6 years ago

  • Resolution set to fixed
  • Status changed from new to closed

(In [15911]) Support wildcard domains in WP_PROXY_BYPASS_HOSTS and WP_ACCESSIBLE_HOSTS. Fixes #14636

#7 @dd32
6 years ago

  • Milestone changed from Awaiting Review to 3.1
  • Version set to 3.1

That commit allows wildcard domains.

The wildcard domain follows that of pac files.

*.wordpress.org will match api.wordpress.org, www.wordpress.org, etc, but will NOT match wordpress.org. wordpress.org,*.wordpress.org would be required for the latter to be matched as well.

Subdomains are supported. *.wordpress.org will match plugins.api.wordpress.org as well as www.wordpress.org

Note: See TracTickets for help on using tickets.