WordPress.org

Make WordPress Core

Changes between Initial Version and Version 1 of Ticket #36638, comment 10


Ignore:
Timestamp:
06/15/2016 12:52:47 AM (5 years ago)
Author:
azaozz
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #36638, comment 10

    initial v1  
    11In 36638.1.patch:
    22- Use capabilities check and a nonce for the AJAX request.
    3 - Use `wp_safe_remote_get()` to check the URL. Using a HEAD request sounds better, however: https://core.trac.wordpress.org/browser/tags/4.5.2/src/wp-admin/includes/upgrade.php#L331. Can probably use `wp_remote_get()` instead. `get_heaters()` (http://php.net/manual/en/function.get-headers.php) can possibly be used too however it has some drawbacks.
     3- Use `wp_safe_remote_get()` to check the URL. Using a HEAD request sounds better, however: https://core.trac.wordpress.org/browser/tags/4.5.2/src/wp-admin/includes/upgrade.php#L331. Can probably use `wp_remote_get()` instead. `get_headers()` (http://php.net/manual/en/function.get-headers.php) can possibly be used too however it has some drawbacks.
    44- Only "fail" URLs when very malformed, domain cannot be found or the response is 404. This may need revising.
    55- Add the error message as title on the URL in the inline toolbar. TODO: is it worth keeping this?