$providers = array();
// Fetch URL content
- if ( $html = wp_remote_retrieve_body( wp_remote_get( $url ) ) ) {
+ if ( $html = wp_remote_retrieve_body( wp_remote_get( $url, array( 'reject_unsafe_urls' => true ) ) ) ) {
// <link> types that contain oEmbed provider URLs
$linktypes = apply_filters( 'oembed_linktypes', array(
*/
function _fetch_with_format( $provider_url_with_args, $format ) {
$provider_url_with_args = add_query_arg( 'format', $format, $provider_url_with_args );
- $response = wp_remote_get( $provider_url_with_args );
+ $response = wp_remote_get( $provider_url_with_args, array( 'reject_unsafe_urls' => true ) );
if ( 501 == wp_remote_retrieve_response_code( $response ) )
return new WP_Error( 'not-implemented' );
if ( ! $body = wp_remote_retrieve_body( $response ) )
if ( !function_exists('simplexml_load_string') ) {
return false;
}
-
- if ( ! class_exists( 'DOMDocument' ) )
+ if ( ! function_exists( 'libxml_disable_entity_loader' ) )
return false;
- $errors = libxml_use_internal_errors( true );
- $old_value = null;
- if ( function_exists( 'libxml_disable_entity_loader' ) ) {
- $old_value = libxml_disable_entity_loader( true );
- }
-
- $dom = new DOMDocument;
- $success = $dom->loadXML( $response_body );
+ $loader = libxml_disable_entity_loader( true );
- if ( ! is_null( $old_value ) ) {
- libxml_disable_entity_loader( $old_value );
- }
+ $errors = libxml_use_internal_errors( true );
+ $data = simplexml_load_string( $response_body );
libxml_use_internal_errors( $errors );
- if ( ! $success || isset( $dom->doctype ) ) {
- return false;
+ $return = false;
+ if ( is_object( $data ) ) {
+ $return = new stdClass;
+ foreach ( $data as $key => $value ) {
+ $return->$key = (string) $value;
+ }
}
- $data = simplexml_import_dom( $dom );
- if ( ! is_object( $data ) )
- return false;
-
- $return = new stdClass;
- foreach ( $data as $key => $value )
- $return->$key = (string) $value;
+ libxml_disable_entity_loader( $loader );
return $return;
}