Wordpress 3.5.2
[autoinstalls/wordpress.git] / wp-includes / class-http.php
index b50909fd9f991a13267ea7c6d6be51ea6baee1a9..0358932ac877b25bdc875ca1f756e11a58a83d14 100644 (file)
@@ -86,7 +86,8 @@ class WP_Http {
                        'timeout' => apply_filters( 'http_request_timeout', 5),
                        'redirection' => apply_filters( 'http_request_redirection_count', 5),
                        'httpversion' => apply_filters( 'http_request_version', '1.0'),
-                       'user-agent' => apply_filters( 'http_headers_useragent', 'WordPress/' . $wp_version . '; ' . get_bloginfo( 'url' )  ),
+                       'user-agent' => apply_filters( 'http_headers_useragent', 'WordPress/' . $wp_version . '; ' . get_bloginfo( 'url' ) ),
+                       'reject_unsafe_urls' => apply_filters( 'http_request_reject_unsafe_urls', false ),
                        'blocking' => true,
                        'headers' => array(),
                        'cookies' => array(),
@@ -108,15 +109,21 @@ class WP_Http {
                $r = wp_parse_args( $args, $defaults );
                $r = apply_filters( 'http_request_args', $r, $url );
 
-               // Certain classes decrement this, store a copy of the original value for loop purposes.
-               $r['_redirection'] = $r['redirection'];
+               // The transports decrement this, store a copy of the original value for loop purposes.
+               if ( ! isset( $r['_redirection'] ) )
+                       $r['_redirection'] = $r['redirection'];
 
                // Allow plugins to short-circuit the request
                $pre = apply_filters( 'pre_http_request', false, $r, $url );
                if ( false !== $pre )
                        return $pre;
 
-               $arrURL = parse_url( $url );
+               if ( $r['reject_unsafe_urls'] )
+                       $url = wp_http_validate_url( $url );
+               if ( function_exists( 'wp_kses_bad_protocol' ) )
+                       $url = wp_kses_bad_protocol( $url, array( 'http', 'https', 'ssl' ) );
+
+               $arrURL = @parse_url( $url );
 
                if ( empty( $url ) || empty( $arrURL['scheme'] ) )
                        return new WP_Error('http_request_failed', __('A valid URL was not provided.'));
@@ -141,7 +148,7 @@ class WP_Http {
                // Force some settings if we are streaming to a file and check for existence and perms of destination directory
                if ( $r['stream'] ) {
                        $r['blocking'] = true;
-                       if ( ! is_writable( dirname( $r['filename'] ) ) )
+                       if ( ! call_user_func( 'WIN' === strtoupper( substr( PHP_OS, 0, 3 ) ) ? 'win_is_writable' : 'is_writable', dirname( $r['filename'] ) ) )
                                return new WP_Error( 'http_request_failed', __( 'Destination directory for file streaming does not exist or is not writable.' ) );
                }
 
@@ -777,7 +784,7 @@ class WP_Http_Fsockopen {
                // If location is found, then assume redirect and redirect to location.
                if ( isset($arrHeaders['headers']['location']) && 0 !== $r['_redirection'] ) {
                        if ( $r['redirection']-- > 0 ) {
-                               return $this->request( WP_HTTP::make_absolute_url( $arrHeaders['headers']['location'], $url ), $r);
+                               return wp_remote_request( WP_HTTP::make_absolute_url( $arrHeaders['headers']['location'], $url ), $r);
                        } else {
                                return new WP_Error('http_request_failed', __('Too many redirects.'));
                        }
@@ -887,7 +894,8 @@ class WP_Http_Streams {
                        array(
                                'method' => strtoupper($r['method']),
                                'user_agent' => $r['user-agent'],
-                               'max_redirects' => $r['redirection'] + 1, // See #11557
+                               'max_redirects' => 0, // Follow no redirects
+                               'follow_redirects' => false,
                                'protocol_version' => (float) $r['httpversion'],
                                'header' => $strHeaders,
                                'ignore_errors' => true, // Return non-200 requests.
@@ -960,10 +968,13 @@ class WP_Http_Streams {
                else
                        $processedHeaders = WP_Http::processHeaders($meta['wrapper_data']);
 
-               // Streams does not provide an error code which we can use to see why the request stream stopped.
-               // We can however test to see if a location header is present and return based on that.
-               if ( isset($processedHeaders['headers']['location']) && 0 !== $args['_redirection'] )
-                       return new WP_Error('http_request_failed', __('Too many redirects.'));
+               if ( ! empty( $processedHeaders['headers']['location'] ) && 0 !== $r['_redirection'] ) { // _redirection: The requested number of redirections
+                       if ( $r['redirection']-- > 0 ) {
+                               return wp_remote_request( WP_HTTP::make_absolute_url( $processedHeaders['headers']['location'], $url ), $r );
+                       } else {
+                               return new WP_Error( 'http_request_failed', __( 'Too many redirects.' ) );
+                       }
+               }
 
                if ( ! empty( $strResponse ) && isset( $processedHeaders['headers']['transfer-encoding'] ) && 'chunked' == $processedHeaders['headers']['transfer-encoding'] )
                        $strResponse = WP_Http::chunkTransferDecode($strResponse);
@@ -1088,6 +1099,8 @@ class WP_Http_Curl {
                // The option doesn't work with safe mode or when open_basedir is set, and there's a
                // bug #17490 with redirected POST requests, so handle redirections outside Curl.
                curl_setopt( $handle, CURLOPT_FOLLOWLOCATION, false );
+               if ( defined( 'CURLOPT_PROTOCOLS' ) ) // PHP 5.2.10 / cURL 7.19.4
+                       curl_setopt( $handle, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS );
 
                switch ( $r['method'] ) {
                        case 'HEAD':
@@ -1178,7 +1191,7 @@ class WP_Http_Curl {
                // See #11305 - When running under safe mode, redirection is disabled above. Handle it manually.
                if ( ! empty( $theHeaders['headers']['location'] ) && 0 !== $r['_redirection'] ) { // _redirection: The requested number of redirections
                        if ( $r['redirection']-- > 0 ) {
-                               return $this->request( WP_HTTP::make_absolute_url( $theHeaders['headers']['location'], $url ), $r );
+                               return wp_remote_request( WP_HTTP::make_absolute_url( $theHeaders['headers']['location'], $url ), $r );
                        } else {
                                return new WP_Error( 'http_request_failed', __( 'Too many redirects.' ) );
                        }