--- a/wp/wp-includes/class-wp-oembed.php Tue Dec 15 15:52:01 2020 +0100
+++ b/wp/wp-includes/class-wp-oembed.php Wed Sep 21 18:19:35 2022 +0200
@@ -72,7 +72,6 @@
'#https?://(www\.)?twitter\.com/i/moments/.*#i' => array( 'https://publish.twitter.com/oembed', true ),
'#https?://(www\.)?soundcloud\.com/.*#i' => array( 'https://soundcloud.com/oembed', true ),
'#https?://(.+?\.)?slideshare\.net/.*#i' => array( 'https://www.slideshare.net/api/oembed/2', true ),
- '#https?://(www\.)?instagr(\.am|am\.com)/(p|tv)/.*#i' => array( 'https://api.instagram.com/oembed', true ),
'#https?://(open|play)\.spotify\.com/.*#i' => array( 'https://embed.spotify.com/oembed/', true ),
'#https?://(.+\.)?imgur\.com/.*#i' => array( 'https://api.imgur.com/oembed', true ),
'#https?://(www\.)?meetu(\.ps|p\.com)/.*#i' => array( 'https://api.meetup.com/oembed', true ),
@@ -88,16 +87,6 @@
'#https?://videopress\.com/v/.*#' => array( 'https://public-api.wordpress.com/oembed/?for=' . $host, true ),
'#https?://(www\.)?reddit\.com/r/[^/]+/comments/.*#i' => array( 'https://www.reddit.com/oembed', true ),
'#https?://(www\.)?speakerdeck\.com/.*#i' => array( 'https://speakerdeck.com/oembed.{format}', true ),
- '#https?://www\.facebook\.com/.*/posts/.*#i' => array( 'https://www.facebook.com/plugins/post/oembed.json/', true ),
- '#https?://www\.facebook\.com/.*/activity/.*#i' => array( 'https://www.facebook.com/plugins/post/oembed.json/', true ),
- '#https?://www\.facebook\.com/.*/photos/.*#i' => array( 'https://www.facebook.com/plugins/post/oembed.json/', true ),
- '#https?://www\.facebook\.com/photo(s/|\.php).*#i' => array( 'https://www.facebook.com/plugins/post/oembed.json/', true ),
- '#https?://www\.facebook\.com/permalink\.php.*#i' => array( 'https://www.facebook.com/plugins/post/oembed.json/', true ),
- '#https?://www\.facebook\.com/media/.*#i' => array( 'https://www.facebook.com/plugins/post/oembed.json/', true ),
- '#https?://www\.facebook\.com/questions/.*#i' => array( 'https://www.facebook.com/plugins/post/oembed.json/', true ),
- '#https?://www\.facebook\.com/notes/.*#i' => array( 'https://www.facebook.com/plugins/post/oembed.json/', true ),
- '#https?://www\.facebook\.com/.*/videos/.*#i' => array( 'https://www.facebook.com/plugins/video/oembed.json/', true ),
- '#https?://www\.facebook\.com/video\.php.*#i' => array( 'https://www.facebook.com/plugins/video/oembed.json/', true ),
'#https?://(www\.)?screencast\.com/.*#i' => array( 'https://api.screencast.com/external/oembed', true ),
'#https?://([a-z0-9-]+\.)?amazon\.(com|com\.mx|com\.br|ca)/.*#i' => array( 'https://read.amazon.com/kp/api/oembed', true ),
'#https?://([a-z0-9-]+\.)?amazon\.(co\.uk|de|fr|it|es|in|nl|ru)/.*#i' => array( 'https://read.amazon.co.uk/kp/api/oembed', true ),
@@ -150,8 +139,6 @@
* | SmugMug | smugmug.com | 3.0.0 |
* | YouTube | youtu.be | 3.0.0 |
* | Twitter | twitter.com | 3.4.0 |
- * | Instagram | instagram.com | 3.5.0 |
- * | Instagram | instagr.am | 3.5.0 |
* | Slideshare | slideshare.net | 3.5.0 |
* | SoundCloud | soundcloud.com | 3.5.0 |
* | Dailymotion | dai.ly | 3.6.0 |
@@ -177,7 +164,6 @@
* | Speaker Deck | speakerdeck.com | 4.4.0 |
* | Twitter | twitter.com/timelines | 4.5.0 |
* | Twitter | twitter.com/moments | 4.5.0 |
- * | Facebook | facebook.com | 4.7.0 |
* | Twitter | twitter.com/user | 4.7.0 |
* | Twitter | twitter.com/likes | 4.7.0 |
* | Twitter | twitter.com/lists | 4.7.0 |
@@ -192,8 +178,6 @@
* | Someecards | someecards.com | 4.9.0 |
* | Someecards | some.ly | 4.9.0 |
* | Crowdsignal | survey.fm | 5.1.0 |
- * | Instagram TV | instagram.com | 5.1.0 |
- * | Instagram TV | instagr.am | 5.1.0 |
* | TikTok | tiktok.com | 5.4.0 |
*
* No longer supported providers:
@@ -211,6 +195,11 @@
* | Funny or Die | funnyordie.com | 3.0.0 | 5.1.0 |
* | CollegeHumor | collegehumor.com | 4.0.0 | 5.3.1 |
* | Hulu | hulu.com | 2.9.0 | 5.5.0 |
+ * | Instagram | instagram.com | 3.5.0 | 5.5.2 |
+ * | Instagram | instagr.am | 3.5.0 | 5.5.2 |
+ * | Instagram TV | instagram.com | 5.1.0 | 5.5.2 |
+ * | Instagram TV | instagr.am | 5.1.0 | 5.5.2 |
+ * | Facebook | facebook.com | 4.7.0 | 5.5.2 |
*
* @see wp_oembed_add_provider()
*
@@ -231,7 +220,7 @@
*
* @param string $name Method to call.
* @param array $arguments Arguments to pass when calling.
- * @return mixed|bool Return value of the callback, false otherwise.
+ * @return mixed|false Return value of the callback, false otherwise.
*/
public function __call( $name, $arguments ) {
if ( in_array( $name, $this->compat_methods, true ) ) {
@@ -248,7 +237,13 @@
* @see WP_oEmbed::discover()
*
* @param string $url The URL to the content.
- * @param string|array $args Optional provider arguments.
+ * @param string|array $args {
+ * Optional. Additional provider arguments. Default empty.
+ *
+ * @type bool $discover Optional. Determines whether to attempt to discover link tags
+ * at the given URL for an oEmbed provider when the provider URL
+ * is not found in the built-in providers list. Default true.
+ * }
* @return string|false The oEmbed provider URL on success, false on failure.
*/
public function get_provider( $url, $args = '' ) {
@@ -339,7 +334,8 @@
* @since 4.8.0
*
* @param string $url The URL to the content that should be attempted to be embedded.
- * @param array|string $args Optional. Arguments, usually passed from a shortcode. Default empty.
+ * @param string|array $args Optional. Additional arguments for retrieving embed HTML.
+ * See wp_oembed_get() for accepted arguments. Default empty.
* @return object|false The result in the form of an object on success, false on failure.
*/
public function get_data( $url, $args = '' ) {
@@ -369,9 +365,10 @@
* @since 2.9.0
*
* @param string $url The URL to the content that should be attempted to be embedded.
- * @param array|string $args Optional. Arguments, usually passed from a shortcode. Default empty.
- * @return string|false The UNSANITIZED (and potentially unsafe) HTML that should be used to embed on success,
- * false on failure.
+ * @param string|array $args Optional. Additional arguments for retrieving embed HTML.
+ * See wp_oembed_get() for accepted arguments. Default empty.
+ * @return string|false The UNSANITIZED (and potentially unsafe) HTML that should be used to embed
+ * on success, false on failure.
*/
public function get_html( $url, $args = '' ) {
/**
@@ -385,10 +382,11 @@
*
* @since 4.5.3
*
- * @param null|string $result The UNSANITIZED (and potentially unsafe) HTML that should be used to embed.
- * Default null to continue retrieving the result.
- * @param string $url The URL to the content that should be attempted to be embedded.
- * @param array $args Optional. Arguments, usually passed from a shortcode. Default empty.
+ * @param null|string $result The UNSANITIZED (and potentially unsafe) HTML that should be used to embed.
+ * Default null to continue retrieving the result.
+ * @param string $url The URL to the content that should be attempted to be embedded.
+ * @param string|array $args Optional. Additional arguments for retrieving embed HTML.
+ * See wp_oembed_get() for accepted arguments. Default empty.
*/
$pre = apply_filters( 'pre_oembed_result', null, $url, $args );
@@ -409,7 +407,8 @@
*
* @param string|false $data The returned oEmbed HTML (false if unsafe).
* @param string $url URL of the content to be embedded.
- * @param array $args Optional arguments, usually passed from a shortcode.
+ * @param string|array $args Optional. Additional arguments for retrieving embed HTML.
+ * See wp_oembed_get() for accepted arguments. Default empty.
*/
return apply_filters( 'oembed_result', $this->data2html( $data, $url ), $url, $args );
}
@@ -511,7 +510,8 @@
*
* @param string $provider The URL to the oEmbed provider.
* @param string $url The URL to the content that is desired to be embedded.
- * @param array|string $args Optional. Arguments, usually passed from a shortcode. Default empty.
+ * @param string|array $args Optional. Additional arguments for retrieving embed HTML.
+ * See wp_oembed_get() for accepted arguments. Default empty.
* @return object|false The result in the form of an object on success, false on failure.
*/
public function fetch( $provider, $url, $args = '' ) {
@@ -530,7 +530,8 @@
*
* @param string $provider URL of the oEmbed provider.
* @param string $url URL of the content to be embedded.
- * @param array $args Optional arguments, usually passed from a shortcode.
+ * @param array $args Optional. Additional arguments for retrieving embed HTML.
+ * See wp_oembed_get() for accepted arguments. Default empty.
*/
$provider = apply_filters( 'oembed_fetch_url', $provider, $url, $args );
@@ -597,13 +598,23 @@
return false;
}
- $loader = libxml_disable_entity_loader( true );
+ if ( PHP_VERSION_ID < 80000 ) {
+ // This function has been deprecated in PHP 8.0 because in libxml 2.9.0, external entity loading
+ // is disabled by default, so this function is no longer needed to protect against XXE attacks.
+ // phpcs:ignore PHPCompatibility.FunctionUse.RemovedFunctions.libxml_disable_entity_loaderDeprecated
+ $loader = libxml_disable_entity_loader( true );
+ }
+
$errors = libxml_use_internal_errors( true );
$return = $this->_parse_xml_body( $response_body );
libxml_use_internal_errors( $errors );
- libxml_disable_entity_loader( $loader );
+
+ if ( PHP_VERSION_ID < 80000 && isset( $loader ) ) {
+ // phpcs:ignore PHPCompatibility.FunctionUse.RemovedFunctions.libxml_disable_entity_loaderDeprecated
+ libxml_disable_entity_loader( $loader );
+ }
return $return;
}