Wordpress 3.5.2

[autoinstalls/wordpress.git] / wp-includes / functions.php

diff --git a/wp-includes/functions.php b/wp-includes/functions.php
index f4b4634b5a3b3b79ceeab3257c7a0932e01db57c..e30a014223b60deefbe78efe9abf0aa84e67c1d6 100644 (file)
--- a/wp-includes/functions.php
+++ b/wp-includes/functions.php
@@ -496,6 +496,7 @@ function wp_get_http( $url, $file_path = false, $red = 1 ) {
 
        $options = array();
        $options['redirection'] = 5;
+       $options['reject_unsafe_urls'] = true;
 
        if ( false == $file_path )
                $options['method'] = 'HEAD';
@@ -543,7 +544,7 @@ function wp_get_http_headers( $url, $deprecated = false ) {
        if ( !empty( $deprecated ) )
                _deprecated_argument( __FUNCTION__, '2.7' );
 
-       $response = wp_remote_head( $url );
+       $response = wp_remote_head( $url, array( 'reject_unsafe_urls' => true ) );
 
        if ( is_wp_error( $response ) )
                return false;
@@ -655,10 +656,10 @@ function add_query_arg() {
        else
                $frag = '';
 
-       if ( 0 === stripos( 'http://', $uri ) ) {
+       if ( 0 === stripos( $uri, 'http://' ) ) {
                $protocol = 'http://';
                $uri = substr( $uri, 7 );
-       } elseif ( 0 === stripos( 'https://', $uri ) ) {
+       } elseif ( 0 === stripos( $uri, 'https://' ) ) {
                $protocol = 'https://';
                $uri = substr( $uri, 8 );
        } else {
@@ -758,6 +759,7 @@ function wp_remote_fopen( $uri ) {
 
        $options = array();
        $options['timeout'] = 10;
+       $options['reject_unsafe_urls'] = true;
 
        $response = wp_remote_get( $uri, $options );
 
@@ -2954,9 +2956,15 @@ function _doing_it_wrong( $function, $message, $version ) {
 
        // Allow plugin to filter the output error trigger
        if ( WP_DEBUG && apply_filters( 'doing_it_wrong_trigger_error', true ) ) {
-               $version = is_null( $version ) ? '' : sprintf( __( '(This message was added in version %s.)' ), $version );
-               $message .= ' ' . __( 'Please see <a href="http://codex.wordpress.org/Debugging_in_WordPress">Debugging in WordPress</a> for more information.' );
-               trigger_error( sprintf( __( '%1$s was called <strong>incorrectly</strong>. %2$s %3$s' ), $function, $message, $version ) );
+               if ( function_exists( '__' ) ) {
+                       $version = is_null( $version ) ? '' : sprintf( __( '(This message was added in version %s.)' ), $version );
+                       $message .= ' ' . __( 'Please see <a href="http://codex.wordpress.org/Debugging_in_WordPress">Debugging in WordPress</a> for more information.' );
+                       trigger_error( sprintf( __( '%1$s was called <strong>incorrectly</strong>. %2$s %3$s' ), $function, $message, $version ) );
+               } else {
+                       $version = is_null( $version ) ? '' : sprintf( '(This message was added in version %s.)', $version );
+                       $message .= ' Please see <a href="http://codex.wordpress.org/Debugging_in_WordPress">Debugging in WordPress</a> for more information.';
+                       trigger_error( sprintf( '%1$s was called <strong>incorrectly</strong>. %2$s %3$s', $function, $message, $version ) );
+               }
        }
 }