diff -r 3d4e9c994f10 -r a86126ab1dd4 wp/wp-includes/http.php --- a/wp/wp-includes/http.php Tue Oct 22 16:11:46 2019 +0200 +++ b/wp/wp-includes/http.php Tue Dec 15 13:49:49 2020 +0100 @@ -15,8 +15,6 @@ * @since 2.7.0 * @access private * - * @staticvar WP_Http $http - * * @return WP_Http HTTP Transport object. */ function _wp_http_get_object() { @@ -39,9 +37,9 @@ * @see wp_remote_request() For more information on the response array format. * @see WP_Http::request() For default arguments information. * - * @param string $url Site URL to retrieve. + * @param string $url URL to retrieve. * @param array $args Optional. Request arguments. Default empty array. - * @return WP_Error|array The response or WP_Error on failure. + * @return array|WP_Error The response or WP_Error on failure. */ function wp_safe_remote_request( $url, $args = array() ) { $args['reject_unsafe_urls'] = true; @@ -60,9 +58,9 @@ * @see wp_remote_request() For more information on the response array format. * @see WP_Http::request() For default arguments information. * - * @param string $url Site URL to retrieve. + * @param string $url URL to retrieve. * @param array $args Optional. Request arguments. Default empty array. - * @return WP_Error|array The response or WP_Error on failure. + * @return array|WP_Error The response or WP_Error on failure. */ function wp_safe_remote_get( $url, $args = array() ) { $args['reject_unsafe_urls'] = true; @@ -81,9 +79,9 @@ * @see wp_remote_request() For more information on the response array format. * @see WP_Http::request() For default arguments information. * - * @param string $url Site URL to retrieve. + * @param string $url URL to retrieve. * @param array $args Optional. Request arguments. Default empty array. - * @return WP_Error|array The response or WP_Error on failure. + * @return array|WP_Error The response or WP_Error on failure. */ function wp_safe_remote_post( $url, $args = array() ) { $args['reject_unsafe_urls'] = true; @@ -102,9 +100,9 @@ * @see wp_remote_request() For more information on the response array format. * @see WP_Http::request() For default arguments information. * - * @param string $url Site URL to retrieve. - * @param array $args Optional. Request arguments. Default empty array. - * @return WP_Error|array The response or WP_Error on failure. + * @param string $url URL to retrieve. + * @param array $args Optional. Request arguments. Default empty array. + * @return array|WP_Error The response or WP_Error on failure. */ function wp_safe_remote_head( $url, $args = array() ) { $args['reject_unsafe_urls'] = true; @@ -113,40 +111,34 @@ } /** - * Retrieve the raw response from the HTTP request. - * - * The array structure is a little complex: - * - * $res = array( - * 'headers' => array(), - * 'response' => array( - * 'code' => int, - * 'message' => string - * ) - * ); + * Performs an HTTP request and returns its response. * - * All of the headers in $res['headers'] are with the name as the key and the - * value as the value. So to get the User-Agent, you would do the following. - * - * $user_agent = $res['headers']['user-agent']; + * There are other API functions available which abstract away the HTTP method: * - * The body is the raw response content and can be retrieved from $res['body']. - * - * This function is called first to make the request and there are other API - * functions to abstract out the above convoluted setup. - * - * Request method defaults for helper functions: * - Default 'GET' for wp_remote_get() * - Default 'POST' for wp_remote_post() * - Default 'HEAD' for wp_remote_head() * * @since 2.7.0 * - * @see WP_Http::request() For additional information on default arguments. + * @see WP_Http::request() For information on default arguments. + * + * @param string $url URL to retrieve. + * @param array $args Optional. Request arguments. Default empty array. + * @return array|WP_Error { + * The response array or a WP_Error on failure. * - * @param string $url Site URL to retrieve. - * @param array $args Optional. Request arguments. Default empty array. - * @return WP_Error|array The response or WP_Error on failure. + * @type string[] $headers Array of response headers keyed by their name. + * @type string $body Response body. + * @type array $response { + * Data about the HTTP response. + * + * @type int|false $code HTTP response code. + * @type string|false $message HTTP response message. + * } + * @type WP_HTTP_Cookie[] $cookies Array of response cookies. + * @type WP_HTTP_Requests_Response|null $http_response Raw HTTP response object. + * } */ function wp_remote_request( $url, $args = array() ) { $http = _wp_http_get_object(); @@ -154,16 +146,16 @@ } /** - * Retrieve the raw response from the HTTP request using the GET method. + * Performs an HTTP request using the GET method and returns its response. * * @since 2.7.0 * * @see wp_remote_request() For more information on the response array format. * @see WP_Http::request() For default arguments information. * - * @param string $url Site URL to retrieve. + * @param string $url URL to retrieve. * @param array $args Optional. Request arguments. Default empty array. - * @return WP_Error|array The response or WP_Error on failure. + * @return array|WP_Error The response or WP_Error on failure. */ function wp_remote_get( $url, $args = array() ) { $http = _wp_http_get_object(); @@ -171,16 +163,16 @@ } /** - * Retrieve the raw response from the HTTP request using the POST method. + * Performs an HTTP request using the POST method and returns its response. * * @since 2.7.0 * * @see wp_remote_request() For more information on the response array format. * @see WP_Http::request() For default arguments information. * - * @param string $url Site URL to retrieve. + * @param string $url URL to retrieve. * @param array $args Optional. Request arguments. Default empty array. - * @return WP_Error|array The response or WP_Error on failure. + * @return array|WP_Error The response or WP_Error on failure. */ function wp_remote_post( $url, $args = array() ) { $http = _wp_http_get_object(); @@ -188,16 +180,16 @@ } /** - * Retrieve the raw response from the HTTP request using the HEAD method. + * Performs an HTTP request using the HEAD method and returns its response. * * @since 2.7.0 * * @see wp_remote_request() For more information on the response array format. * @see WP_Http::request() For default arguments information. * - * @param string $url Site URL to retrieve. + * @param string $url URL to retrieve. * @param array $args Optional. Request arguments. Default empty array. - * @return WP_Error|array The response or WP_Error on failure. + * @return array|WP_Error The response or WP_Error on failure. */ function wp_remote_head( $url, $args = array() ) { $http = _wp_http_get_object(); @@ -212,7 +204,7 @@ * * @see \Requests_Utility_CaseInsensitiveDictionary * - * @param array $response HTTP response. + * @param array|WP_Error $response HTTP response. * @return array|\Requests_Utility_CaseInsensitiveDictionary The headers of the response. Empty array if incorrect parameter given. */ function wp_remote_retrieve_headers( $response ) { @@ -228,8 +220,8 @@ * * @since 2.7.0 * - * @param array $response - * @param string $header Header name to retrieve value from. + * @param array|WP_Error $response HTTP response. + * @param string $header Header name to retrieve value from. * @return string The header value. Empty string on if incorrect parameter given, or if the header doesn't exist. */ function wp_remote_retrieve_header( $response, $header ) { @@ -251,7 +243,7 @@ * * @since 2.7.0 * - * @param array $response HTTP response. + * @param array|WP_Error $response HTTP response. * @return int|string The response code as an integer. Empty string on incorrect parameter given. */ function wp_remote_retrieve_response_code( $response ) { @@ -269,7 +261,7 @@ * * @since 2.7.0 * - * @param array $response HTTP response. + * @param array|WP_Error $response HTTP response. * @return string The response message. Empty string on incorrect parameter given. */ function wp_remote_retrieve_response_message( $response ) { @@ -285,7 +277,7 @@ * * @since 2.7.0 * - * @param array $response HTTP response. + * @param array|WP_Error $response HTTP response. * @return string The body of the response. Empty string if no body or incorrect parameter given. */ function wp_remote_retrieve_body( $response ) { @@ -301,8 +293,8 @@ * * @since 4.4.0 * - * @param array $response HTTP response. - * @return array An array of `WP_Http_Cookie` objects from the response. Empty array if there are none, or the response is a WP_Error. + * @param array|WP_Error $response HTTP response. + * @return WP_Http_Cookie[] An array of `WP_Http_Cookie` objects from the response. Empty array if there are none, or the response is a WP_Error. */ function wp_remote_retrieve_cookies( $response ) { if ( is_wp_error( $response ) || empty( $response['cookies'] ) ) { @@ -317,8 +309,8 @@ * * @since 4.4.0 * - * @param array $response HTTP response. - * @param string $name The name of the cookie to retrieve. + * @param array|WP_Error $response HTTP response. + * @param string $name The name of the cookie to retrieve. * @return WP_Http_Cookie|string The `WP_Http_Cookie` object. Empty string if the cookie isn't present in the response. */ function wp_remote_retrieve_cookie( $response, $name ) { @@ -342,8 +334,8 @@ * * @since 4.4.0 * - * @param array $response HTTP response. - * @param string $name The name of the cookie to retrieve. + * @param array|WP_Error $response HTTP response. + * @param string $name The name of the cookie to retrieve. * @return string The value of the cookie. Empty string if the cookie isn't present in the response. */ function wp_remote_retrieve_cookie_value( $response, $name ) { @@ -374,14 +366,14 @@ $count = count( $capabilities ); - // If we have a numeric $capabilities array, spoof a wp_remote_request() associative $args array + // If we have a numeric $capabilities array, spoof a wp_remote_request() associative $args array. if ( $count && count( array_filter( array_keys( $capabilities ), 'is_numeric' ) ) == $count ) { $capabilities = array_combine( array_values( $capabilities ), array_fill( 0, $count, true ) ); } if ( $url && ! isset( $capabilities['ssl'] ) ) { $scheme = parse_url( $url, PHP_URL_SCHEME ); - if ( 'https' == $scheme || 'ssl' == $scheme ) { + if ( 'https' === $scheme || 'ssl' === $scheme ) { $capabilities['ssl'] = true; } } @@ -417,13 +409,13 @@ * * @since 3.4.0 * - * @return array Array of origin URLs. + * @return string[] Array of origin URLs. */ function get_allowed_http_origins() { $admin_origin = parse_url( admin_url() ); $home_origin = parse_url( home_url() ); - // @todo preserve port? + // @todo Preserve port? $allowed_origins = array_unique( array( 'http://' . $admin_origin['host'], @@ -438,12 +430,13 @@ * * @since 3.4.0 * - * @param array $allowed_origins { - * Default allowed HTTP origins. - * @type string Non-secure URL for admin origin. - * @type string Secure URL for admin origin. - * @type string Non-secure URL for home origin. - * @type string Secure URL for home origin. + * @param string[] $allowed_origins { + * Array of default allowed HTTP origins. + * + * @type string $0 Non-secure URL for admin origin. + * @type string $1 Secure URL for admin origin. + * @type string $2 Non-secure URL for home origin. + * @type string $3 Secure URL for home origin. * } */ return apply_filters( 'allowed_http_origins', $allowed_origins ); @@ -464,7 +457,7 @@ $origin = get_http_origin(); } - if ( $origin && ! in_array( $origin, get_allowed_http_origins() ) ) { + if ( $origin && ! in_array( $origin, get_allowed_http_origins(), true ) ) { $origin = ''; } @@ -496,8 +489,8 @@ $origin = get_http_origin(); if ( is_allowed_http_origin( $origin ) ) { - @header( 'Access-Control-Allow-Origin: ' . $origin ); - @header( 'Access-Control-Allow-Credentials: true' ); + header( 'Access-Control-Allow-Origin: ' . $origin ); + header( 'Access-Control-Allow-Credentials: true' ); if ( 'OPTIONS' === $_SERVER['REQUEST_METHOD'] ) { exit; } @@ -517,8 +510,8 @@ * * @since 3.5.2 * - * @param string $url - * @return false|string URL or false on failure. + * @param string $url Request URL. + * @return string|false URL or false on failure. */ function wp_http_validate_url( $url ) { $original_url = $url; @@ -527,7 +520,7 @@ return false; } - $parsed_url = @parse_url( $url ); + $parsed_url = parse_url( $url ); if ( ! $parsed_url || empty( $parsed_url['host'] ) ) { return false; } @@ -540,7 +533,7 @@ return false; } - $parsed_home = @parse_url( get_option( 'home' ) ); + $parsed_home = parse_url( get_option( 'home' ) ); if ( isset( $parsed_home['host'] ) ) { $same_host = strtolower( $parsed_home['host'] ) === strtolower( $parsed_url['host'] ); @@ -554,7 +547,7 @@ $ip = $host; } else { $ip = gethostbyname( $host ); - if ( $ip === $host ) { // Error condition for gethostbyname() + if ( $ip === $host ) { // Error condition for gethostbyname(). return false; } } @@ -572,9 +565,9 @@ * * @since 3.6.0 * - * @param bool false Whether HTTP request is external or not. - * @param string $host IP of the requested host. - * @param string $url URL of the requested host. + * @param bool $external Whether HTTP request is external or not. + * @param string $host Host name of the requested URL. + * @param string $url Requested URL. */ if ( ! apply_filters( 'http_request_host_is_external', false, $host, $url ) ) { return false; @@ -600,7 +593,7 @@ } /** - * Whitelists allowed redirect hosts for safe HTTP requests as well. + * Mark allowed redirect hosts safe for HTTP requests as well. * * Attached to the {@see 'http_request_host_is_external'} filter. * @@ -618,14 +611,14 @@ } /** - * Whitelists any domain in a multisite installation for safe HTTP requests. + * Adds any domain in a multisite installation for safe HTTP requests to the + * allowed list. * * Attached to the {@see 'http_request_host_is_external'} filter. * * @since 3.6.0 * * @global wpdb $wpdb WordPress database abstraction object. - * @staticvar array $queried * * @param bool $is_external * @param string $host @@ -637,7 +630,7 @@ if ( $is_external ) { return $is_external; } - if ( $host === get_network()->domain ) { + if ( get_network()->domain === $host ) { return true; } if ( isset( $queried[ $host ] ) ) { @@ -659,13 +652,10 @@ * in the query are being handled inconsistently. This function works around those * differences as well. * - * Error suppression is used as prior to PHP 5.3.3, an E_WARNING would be generated - * when URL parsing failed. - * * @since 4.4.0 * @since 4.7.0 The `$component` parameter was added for parity with PHP's `parse_url()`. * - * @link https://secure.php.net/manual/en/function.parse-url.php + * @link https://www.php.net/manual/en/function.parse-url.php * * @param string $url The URL to parse. * @param int $component The specific component to retrieve. Use one of the PHP @@ -689,7 +679,7 @@ $url = 'placeholder://placeholder' . $url; } - $parts = @parse_url( $url ); + $parts = parse_url( $url ); if ( false === $parts ) { // Parsing failure. @@ -712,12 +702,12 @@ * @since 4.7.0 * @access private * - * @link https://secure.php.net/manual/en/function.parse-url.php + * @link https://www.php.net/manual/en/function.parse-url.php * * @param array|false $url_parts The parsed URL. Can be false if the URL failed to parse. - * @param int $component The specific component to retrieve. Use one of the PHP - * predefined constants to specify which one. - * Defaults to -1 (= return all parts as an array). + * @param int $component The specific component to retrieve. Use one of the PHP + * predefined constants to specify which one. + * Defaults to -1 (= return all parts as an array). * @return mixed False on parse failure; Array of URL components on success; * When a specific component has been requested: null if the component * doesn't exist in the given URL; a string or - in the case of @@ -744,10 +734,10 @@ * @since 4.7.0 * @access private * - * @link https://secure.php.net/manual/en/url.constants.php + * @link https://www.php.net/manual/en/url.constants.php * * @param int $constant PHP_URL_* constant. - * @return string|bool The named key or false. + * @return string|false The named key or false. */ function _wp_translate_php_url_constant_to_key( $constant ) { $translation = array(