Filter for wp_safe_remote_get in download_url

[realloc]

I had to deal with images on a server that has basic authentication active. There is no filter in download_url that would give me the chance to add the header authentication that I needed in this case.

[donmhico]

I added a new patch for this issue.

Here are some key points about the new patch I attached 40153.2.diff.

1. Added docs regarding the new filter named download_url_remote_get_args which was introduced.
2. Unlike the first patch, I think it's best to not allow the new filter to override $args['timeout'], $args['stream'], and $args['filename'].

$args['timeout'] can be debatable. But I think it's enough that download_url() itself accepts the $timeout params.
$args['filename'] and $args['stream'] unless there's a good reason, these 2 should also be left untouched IMHO to prevent any unexpected issues to arise with how download_url() currently works.

[threadi]

I also stumbled across this today because I want to access an Auth Basic protected URL. My solution:

add_filter( 'http_request_args', array( $this, 'set_download_url_header' ) );
$file = download_url( $this->get_url() );
remove_filter( 'http_request_args', array( $this, 'set_download_url_header' ) );

In set_download_url_header() I add the Auth Basic header, which then works without any problems:

public function set_download_url_header( array $parsed_args ): array {
 return array_merge( $parsed_args, array( 'header' => array( 'Authorization' => 'Basic ...' ) ) );
}