WP_Http_Fsockopen fails when requesting an IP based URL with an explicit Host header
|Reported by:||friedcell||Owned by:||dd32|
Description (last modified by SergeyBiryukov)
When requesting a resource with a IP based URL and an explicitly set Host header fsockopen fails.
$url = http://220.127.116.11/1.1/verify-key $args = Array ( [body] => key=xxxxxxxxxxxx&blog=http%3A%2F%2Ffriedcell.si%2Foutbreak [headers] => Array ( [Content-Type] => application/x-www-form-urlencoded; charset=UTF-8 [Host] => rest.akismet.com [User-Agent] => WordPress/3.5.1 | Akismet/2.5.7 ) [httpversion] => 1.0 [timeout] => 15 )
WP_Http_Fsockopen $strHeaders just before fwrite:
POST /1.1/verify-key HTTP/1.0 Host: 18.104.22.168 User-agent: WordPress/3.5.1 | Akismet/2.5.7 Content-Type: application/x-www-form-urlencoded; charset=UTF-8 Host: rest.akismet.com Accept-Encoding: deflate;q=1.0, compress;q=0.5 Content-Length: 58 key=xxxxxxxxxxxx&blog=http%3A%2F%2Ffriedcell.si%2Foutbreak
The request fails as the first Host header is used.
When $arrURL['host'] is an IP and there is a Host header in $r['headers'], the Host header should not be added from the URL (http://core.trac.wordpress.org/browser/trunk/wp-includes/class-http.php#L706) so that the explicitly specified Host header is used.
Change History (9)
- Milestone changed from Awaiting Review to Future Release
- Version changed from trunk to 2.7
- Keywords needs-patch added; has-patch needs-testing removed
- Milestone changed from Future Release to 3.7
- Owner set to dd32
- Resolution set to fixed
- Status changed from new to closed