Opened 5 years ago
Last modified 5 months ago
#51767 new defect (bug)
Broken logic for `https_local_ssl_verify` filter due to missing `local` argument
| Reported by: |
|
Owned by: | |
|---|---|---|---|
| Milestone: | Awaiting Review | Priority: | normal |
| Severity: | normal | Version: | 4.6 |
| Component: | HTTP API | Keywords: | has-patch |
| Focuses: | Cc: |
Description
When the Requests library was merged in WP 4.6, the local element in the $args array of an HTTP API request was removed. The logic for the https_local_ssl_verify filter relies on this argument being present and therefore doesn't behave properly.
To reproduce, perform an HTTP API request to home_url() and verify that the https_local_ssl_verify filter does not get triggered.
Introduced in [37428].
Change History (3)
This ticket was mentioned in PR #8751 on WordPress/wordpress-develop by @debarghyabanerjee.
9 months ago
#1
- Keywords has-patch added; needs-patch removed
@johnbillion commented on PR #8751:
8 months ago
#2
This has nothing to do with the _current_ request, only the HTTP API request being performed.
#3
@
5 months ago
@johnbillion Should we remove the https_local_ssl_verify filter logic from https://github.com/WordPress/wordpress-develop/blob/trunk/src/wp-includes/class-wp-http-curl.php#L122?
Trac Ticket: Core-51767
## Issue
In WordPress 4.6, the
$args['local']element was removed from HTTP API requests, which caused the https_local_ssl_verify filter to malfunction.## Solution
This update restores the expected behaviour by checking if a request is local using: