diff -r 3d4e9c994f10 -r a86126ab1dd4 wp/wp-includes/class-wp-http-streams.php --- a/wp/wp-includes/class-wp-http-streams.php Tue Oct 22 16:11:46 2019 +0200 +++ b/wp/wp-includes/class-wp-http-streams.php Tue Dec 15 13:49:49 2020 +0100 @@ -22,7 +22,7 @@ * @since 2.7.0 * @since 3.7.0 Combined with the fsockopen transport and switched to stream_socket_client(). * - * @param string $url The request URL. + * @param string $url The request URL. * @param string|array $args Optional. Override the defaults. * @return array|WP_Error Array containing 'headers', 'body', 'response', 'cookies', 'filename'. A WP_Error instance upon error */ @@ -38,26 +38,26 @@ 'cookies' => array(), ); - $r = wp_parse_args( $args, $defaults ); + $parsed_args = wp_parse_args( $args, $defaults ); - if ( isset( $r['headers']['User-Agent'] ) ) { - $r['user-agent'] = $r['headers']['User-Agent']; - unset( $r['headers']['User-Agent'] ); - } elseif ( isset( $r['headers']['user-agent'] ) ) { - $r['user-agent'] = $r['headers']['user-agent']; - unset( $r['headers']['user-agent'] ); + if ( isset( $parsed_args['headers']['User-Agent'] ) ) { + $parsed_args['user-agent'] = $parsed_args['headers']['User-Agent']; + unset( $parsed_args['headers']['User-Agent'] ); + } elseif ( isset( $parsed_args['headers']['user-agent'] ) ) { + $parsed_args['user-agent'] = $parsed_args['headers']['user-agent']; + unset( $parsed_args['headers']['user-agent'] ); } // Construct Cookie: header if any cookies are set. - WP_Http::buildCookieHeader( $r ); + WP_Http::buildCookieHeader( $parsed_args ); $arrURL = parse_url( $url ); $connect_host = $arrURL['host']; - $secure_transport = ( $arrURL['scheme'] == 'ssl' || $arrURL['scheme'] == 'https' ); + $secure_transport = ( 'ssl' === $arrURL['scheme'] || 'https' === $arrURL['scheme'] ); if ( ! isset( $arrURL['port'] ) ) { - if ( $arrURL['scheme'] == 'ssl' || $arrURL['scheme'] == 'https' ) { + if ( 'ssl' === $arrURL['scheme'] || 'https' === $arrURL['scheme'] ) { $arrURL['port'] = 443; $secure_transport = true; } else { @@ -65,18 +65,18 @@ } } - // Always pass a Path, defaulting to the root in cases such as http://example.com + // Always pass a path, defaulting to the root in cases such as http://example.com. if ( ! isset( $arrURL['path'] ) ) { $arrURL['path'] = '/'; } - if ( isset( $r['headers']['Host'] ) || isset( $r['headers']['host'] ) ) { - if ( isset( $r['headers']['Host'] ) ) { - $arrURL['host'] = $r['headers']['Host']; + if ( isset( $parsed_args['headers']['Host'] ) || isset( $parsed_args['headers']['host'] ) ) { + if ( isset( $parsed_args['headers']['Host'] ) ) { + $arrURL['host'] = $parsed_args['headers']['Host']; } else { - $arrURL['host'] = $r['headers']['host']; + $arrURL['host'] = $parsed_args['headers']['host']; } - unset( $r['headers']['Host'], $r['headers']['host'] ); + unset( $parsed_args['headers']['Host'], $parsed_args['headers']['host'] ); } /* @@ -84,14 +84,14 @@ * to ::1, which fails when the server is not set up for it. For compatibility, always * connect to the IPv4 address. */ - if ( 'localhost' == strtolower( $connect_host ) ) { + if ( 'localhost' === strtolower( $connect_host ) ) { $connect_host = '127.0.0.1'; } $connect_host = $secure_transport ? 'ssl://' . $connect_host : 'tcp://' . $connect_host; - $is_local = isset( $r['local'] ) && $r['local']; - $ssl_verify = isset( $r['sslverify'] ) && $r['sslverify']; + $is_local = isset( $parsed_args['local'] ) && $parsed_args['local']; + $ssl_verify = isset( $parsed_args['sslverify'] ) && $parsed_args['sslverify']; if ( $is_local ) { /** * Filters whether SSL should be verified for local requests. @@ -114,17 +114,17 @@ array( 'ssl' => array( 'verify_peer' => $ssl_verify, - //'CN_match' => $arrURL['host'], // This is handled by self::verify_ssl_certificate() + // 'CN_match' => $arrURL['host'], // This is handled by self::verify_ssl_certificate(). 'capture_peer_cert' => $ssl_verify, 'SNI_enabled' => true, - 'cafile' => $r['sslcertificates'], + 'cafile' => $parsed_args['sslcertificates'], 'allow_self_signed' => ! $ssl_verify, ), ) ); - $timeout = (int) floor( $r['timeout'] ); - $utimeout = $timeout == $r['timeout'] ? 0 : 1000000 * $r['timeout'] % 1000000; + $timeout = (int) floor( $parsed_args['timeout'] ); + $utimeout = $timeout == $parsed_args['timeout'] ? 0 : 1000000 * $parsed_args['timeout'] % 1000000; $connect_timeout = max( $timeout, 1 ); // Store error number. @@ -134,14 +134,16 @@ $connection_error_str = null; if ( ! WP_DEBUG ) { - // In the event that the SSL connection fails, silence the many PHP Warnings. + // In the event that the SSL connection fails, silence the many PHP warnings. if ( $secure_transport ) { $error_reporting = error_reporting( 0 ); } if ( $proxy->is_enabled() && $proxy->send_through_proxy( $url ) ) { + // phpcs:ignore WordPress.PHP.NoSilencedErrors.Discouraged $handle = @stream_socket_client( 'tcp://' . $proxy->host() . ':' . $proxy->port(), $connection_error, $connection_error_str, $connect_timeout, STREAM_CLIENT_CONNECT, $context ); } else { + // phpcs:ignore WordPress.PHP.NoSilencedErrors.Discouraged $handle = @stream_socket_client( $connect_host . ':' . $arrURL['port'], $connection_error, $connection_error_str, $connect_timeout, STREAM_CLIENT_CONNECT, $context ); } @@ -174,18 +176,18 @@ stream_set_timeout( $handle, $timeout, $utimeout ); - if ( $proxy->is_enabled() && $proxy->send_through_proxy( $url ) ) { //Some proxies require full URL in this field. + if ( $proxy->is_enabled() && $proxy->send_through_proxy( $url ) ) { // Some proxies require full URL in this field. $requestPath = $url; } else { $requestPath = $arrURL['path'] . ( isset( $arrURL['query'] ) ? '?' . $arrURL['query'] : '' ); } - $strHeaders = strtoupper( $r['method'] ) . ' ' . $requestPath . ' HTTP/' . $r['httpversion'] . "\r\n"; + $strHeaders = strtoupper( $parsed_args['method'] ) . ' ' . $requestPath . ' HTTP/' . $parsed_args['httpversion'] . "\r\n"; $include_port_in_host_header = ( ( $proxy->is_enabled() && $proxy->send_through_proxy( $url ) ) || - ( 'http' == $arrURL['scheme'] && 80 != $arrURL['port'] ) || - ( 'https' == $arrURL['scheme'] && 443 != $arrURL['port'] ) + ( 'http' === $arrURL['scheme'] && 80 != $arrURL['port'] ) || + ( 'https' === $arrURL['scheme'] && 443 != $arrURL['port'] ) ); if ( $include_port_in_host_header ) { @@ -194,16 +196,16 @@ $strHeaders .= 'Host: ' . $arrURL['host'] . "\r\n"; } - if ( isset( $r['user-agent'] ) ) { - $strHeaders .= 'User-agent: ' . $r['user-agent'] . "\r\n"; + if ( isset( $parsed_args['user-agent'] ) ) { + $strHeaders .= 'User-agent: ' . $parsed_args['user-agent'] . "\r\n"; } - if ( is_array( $r['headers'] ) ) { - foreach ( (array) $r['headers'] as $header => $headerValue ) { + if ( is_array( $parsed_args['headers'] ) ) { + foreach ( (array) $parsed_args['headers'] as $header => $headerValue ) { $strHeaders .= $header . ': ' . $headerValue . "\r\n"; } } else { - $strHeaders .= $r['headers']; + $strHeaders .= $parsed_args['headers']; } if ( $proxy->use_authentication() ) { @@ -212,13 +214,13 @@ $strHeaders .= "\r\n"; - if ( ! is_null( $r['body'] ) ) { - $strHeaders .= $r['body']; + if ( ! is_null( $parsed_args['body'] ) ) { + $strHeaders .= $parsed_args['body']; } fwrite( $handle, $strHeaders ); - if ( ! $r['blocking'] ) { + if ( ! $parsed_args['blocking'] ) { stream_set_blocking( $handle, 0 ); fclose( $handle ); return array( @@ -236,25 +238,25 @@ $bodyStarted = false; $keep_reading = true; $block_size = 4096; - if ( isset( $r['limit_response_size'] ) ) { - $block_size = min( $block_size, $r['limit_response_size'] ); + if ( isset( $parsed_args['limit_response_size'] ) ) { + $block_size = min( $block_size, $parsed_args['limit_response_size'] ); } // If streaming to a file setup the file handle. - if ( $r['stream'] ) { + if ( $parsed_args['stream'] ) { if ( ! WP_DEBUG ) { - $stream_handle = @fopen( $r['filename'], 'w+' ); + $stream_handle = @fopen( $parsed_args['filename'], 'w+' ); } else { - $stream_handle = fopen( $r['filename'], 'w+' ); + $stream_handle = fopen( $parsed_args['filename'], 'w+' ); } if ( ! $stream_handle ) { return new WP_Error( 'http_request_failed', sprintf( - /* translators: 1: fopen(), 2: file name */ + /* translators: 1: fopen(), 2: File name. */ __( 'Could not open handle for %1$s to %2$s.' ), 'fopen()', - $r['filename'] + $parsed_args['filename'] ) ); } @@ -275,8 +277,8 @@ $this_block_size = strlen( $block ); - if ( isset( $r['limit_response_size'] ) && ( $bytes_written + $this_block_size ) > $r['limit_response_size'] ) { - $this_block_size = ( $r['limit_response_size'] - $bytes_written ); + if ( isset( $parsed_args['limit_response_size'] ) && ( $bytes_written + $this_block_size ) > $parsed_args['limit_response_size'] ) { + $this_block_size = ( $parsed_args['limit_response_size'] - $bytes_written ); $block = substr( $block, 0, $this_block_size ); } @@ -290,7 +292,7 @@ $bytes_written += $bytes_written_to_file; - $keep_reading = ! isset( $r['limit_response_size'] ) || $bytes_written < $r['limit_response_size']; + $keep_reading = ! isset( $parsed_args['limit_response_size'] ) || $bytes_written < $parsed_args['limit_response_size']; } fclose( $stream_handle ); @@ -304,7 +306,7 @@ $header_length = strpos( $strResponse, "\r\n\r\n" ) + 4; $bodyStarted = true; } - $keep_reading = ( ! $bodyStarted || ! isset( $r['limit_response_size'] ) || strlen( $strResponse ) < ( $header_length + $r['limit_response_size'] ) ); + $keep_reading = ( ! $bodyStarted || ! isset( $parsed_args['limit_response_size'] ) || strlen( $strResponse ) < ( $header_length + $parsed_args['limit_response_size'] ) ); } $process = WP_Http::processResponse( $strResponse ); @@ -322,25 +324,28 @@ 'body' => null, 'response' => $arrHeaders['response'], 'cookies' => $arrHeaders['cookies'], - 'filename' => $r['filename'], + 'filename' => $parsed_args['filename'], ); // Handle redirects. - if ( false !== ( $redirect_response = WP_Http::handle_redirects( $url, $r, $response ) ) ) { + $redirect_response = WP_Http::handle_redirects( $url, $parsed_args, $response ); + if ( false !== $redirect_response ) { return $redirect_response; } // If the body was chunk encoded, then decode it. - if ( ! empty( $process['body'] ) && isset( $arrHeaders['headers']['transfer-encoding'] ) && 'chunked' == $arrHeaders['headers']['transfer-encoding'] ) { + if ( ! empty( $process['body'] ) && isset( $arrHeaders['headers']['transfer-encoding'] ) + && 'chunked' === $arrHeaders['headers']['transfer-encoding'] + ) { $process['body'] = WP_Http::chunkTransferDecode( $process['body'] ); } - if ( true === $r['decompress'] && true === WP_Http_Encoding::should_decode( $arrHeaders['headers'] ) ) { + if ( true === $parsed_args['decompress'] && true === WP_Http_Encoding::should_decode( $arrHeaders['headers'] ) ) { $process['body'] = WP_Http_Encoding::decompress( $process['body'] ); } - if ( isset( $r['limit_response_size'] ) && strlen( $process['body'] ) > $r['limit_response_size'] ) { - $process['body'] = substr( $process['body'], 0, $r['limit_response_size'] ); + if ( isset( $parsed_args['limit_response_size'] ) && strlen( $process['body'] ) > $parsed_args['limit_response_size'] ) { + $process['body'] = substr( $process['body'], 0, $parsed_args['limit_response_size'] ); } $response['body'] = $process['body']; @@ -387,7 +392,7 @@ $match_against = preg_split( '/,\s*/', $cert['extensions']['subjectAltName'] ); foreach ( $match_against as $match ) { list( $match_type, $match_host ) = explode( ':', $match ); - if ( $host_type == strtolower( trim( $match_type ) ) ) { // IP: or DNS: + if ( strtolower( trim( $match_type ) ) === $host_type ) { // IP: or DNS: $certificate_hostnames[] = strtolower( trim( $match_host ) ); } } @@ -397,12 +402,12 @@ } // Exact hostname/IP matches. - if ( in_array( strtolower( $host ), $certificate_hostnames ) ) { + if ( in_array( strtolower( $host ), $certificate_hostnames, true ) ) { return true; } // IP's can't be wildcards, Stop processing. - if ( 'ip' == $host_type ) { + if ( 'ip' === $host_type ) { return false; } @@ -414,7 +419,7 @@ // Wildcard subdomains certs (*.example.com) are valid for a.example.com but not a.b.example.com. $wildcard_host = preg_replace( '/^[^.]+\./', '*.', $host ); - return in_array( strtolower( $wildcard_host ), $certificate_hostnames ); + return in_array( strtolower( $wildcard_host ), $certificate_hostnames, true ); } /**