]> scripts.mit.edu Git - autoinstalls/wordpress.git/blobdiff - wp-includes/class-oembed.php
scripts.mit.edu / autoinstalls / wordpress.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Wordpress 3.5.2
[autoinstalls/wordpress.git] / wp-includes / class-oembed.php
diff --git a/wp-includes/class-oembed.php b/wp-includes/class-oembed.php
index 46d5f6290db6b15cfd9e67bf4ce6dbc27de75663..5ff2a2e05b549d16d7d541567f039aaef07c68e5 100644 (file)
--- a/wp-includes/class-oembed.php
+++ b/wp-includes/class-oembed.php
@@ -108,7 +108,7 @@ class WP_oEmbed {
                $providers = array();
 
                // Fetch URL content
                $providers = array();
 
                // Fetch URL content
-               if ( $html = wp_remote_retrieve_body( wp_remote_get( $url ) ) ) {
+               if ( $html = wp_remote_retrieve_body( wp_remote_get( $url, array( 'reject_unsafe_urls' => true ) ) ) ) {
 
                        // <link> types that contain oEmbed provider URLs
                        $linktypes = apply_filters( 'oembed_linktypes', array(
 
                        // <link> types that contain oEmbed provider URLs
                        $linktypes = apply_filters( 'oembed_linktypes', array(
@@ -190,7 +190,7 @@ class WP_oEmbed {
         */
        function _fetch_with_format( $provider_url_with_args, $format ) {
                $provider_url_with_args = add_query_arg( 'format', $format, $provider_url_with_args );
         */
        function _fetch_with_format( $provider_url_with_args, $format ) {
                $provider_url_with_args = add_query_arg( 'format', $format, $provider_url_with_args );
-               $response = wp_remote_get( $provider_url_with_args );
+               $response = wp_remote_get( $provider_url_with_args, array( 'reject_unsafe_urls' => true ) );
                if ( 501 == wp_remote_retrieve_response_code( $response ) )
                        return new WP_Error( 'not-implemented' );
                if ( ! $body = wp_remote_retrieve_body( $response ) )
                if ( 501 == wp_remote_retrieve_response_code( $response ) )
                        return new WP_Error( 'not-implemented' );
                if ( ! $body = wp_remote_retrieve_body( $response ) )
@@ -219,35 +219,24 @@ class WP_oEmbed {
                if ( !function_exists('simplexml_load_string') ) {
                        return false;
                }
                if ( !function_exists('simplexml_load_string') ) {
                        return false;
                }
-
-               if ( ! class_exists( 'DOMDocument' ) )
+               if ( ! function_exists( 'libxml_disable_entity_loader' ) )
                        return false;
 
                        return false;
 
-               $errors = libxml_use_internal_errors( true );
-               $old_value = null;
-               if ( function_exists( 'libxml_disable_entity_loader' ) ) {
-                       $old_value = libxml_disable_entity_loader( true );
-               }
-
-               $dom = new DOMDocument;
-               $success = $dom->loadXML( $response_body );
+               $loader = libxml_disable_entity_loader( true );
 
 
-               if ( ! is_null( $old_value ) ) {
-                       libxml_disable_entity_loader( $old_value );
-               }
+               $errors = libxml_use_internal_errors( true );
+               $data = simplexml_load_string( $response_body );
                libxml_use_internal_errors( $errors );
 
                libxml_use_internal_errors( $errors );
 
-               if ( ! $success || isset( $dom->doctype ) ) {
-                       return false;
+               $return = false;
+               if ( is_object( $data ) ) {
+                       $return = new stdClass;
+                       foreach ( $data as $key => $value ) {
+                               $return->$key = (string) $value;
+                       }
                }
 
                }
 
-               $data = simplexml_import_dom( $dom );
-               if ( ! is_object( $data ) )
-                       return false;
-
-               $return = new stdClass;
-               foreach ( $data as $key => $value )
-                       $return->$key = (string) $value;
+               libxml_disable_entity_loader( $loader );
                return $return;
        }
 
                return $return;
        }
 
WordPress autoinstaller for phpBB