sergiotarxz/Wordpress
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Inline documentation for hooks in http.php.

Browse Source 
props tw2113.
see #25229.

git-svn-id: https://develop.svn.wordpress.org/trunk@25302 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Sergey Biryukov 2013-09-08 22:03:14 +00:00
parent 7f7aacbdec
commit 22aa493cfc
1 changed files with 41 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
src/wp-includes/http.php
View File

@ -338,11 +338,18 @@ function get_http_origin() {
if ( ! empty ( $_SERVER[ 'HTTP_ORIGIN' ] ) ) if ( ! empty ( $_SERVER[ 'HTTP_ORIGIN' ] ) )
$origin = $_SERVER[ 'HTTP_ORIGIN' ]; $origin = $_SERVER[ 'HTTP_ORIGIN' ];
/**
* Change the origin of an HTTP request.
*
* @since 3.4.0
*
* @param string $origin The original origin for the request.
*/
return apply_filters( 'http_origin', $origin ); return apply_filters( 'http_origin', $origin );
} }
/** /**
* Retrieve list of allowed http origins. * Retrieve list of allowed HTTP origins.
* *
* @since 3.4.0 * @since 3.4.0
* *
@ -360,11 +367,24 @@ function get_allowed_http_origins() {
'https://' . $home_origin[ 'host' ], 'https://' . $home_origin[ 'host' ],
) ); ) );
/**
* Change the origin types allowed for HTTP requests.
*
* @since 3.4.0
*
* @param array $allowed_origins {
* Default allowed HTTP origins.
* @type string Non-secure URL for admin origin.
* @type string Secure URL for admin origin.
* @type string Non-secure URL for home origin.
* @type string Secure URL for home origin.
* }
*/
return apply_filters( 'allowed_http_origins' , $allowed_origins ); return apply_filters( 'allowed_http_origins' , $allowed_origins );
} }
/** /**
* Determines if the http origin is an authorized one. * Determines if the HTTP origin is an authorized one.
* *
* @since 3.4.0 * @since 3.4.0
* *
@ -380,6 +400,14 @@ function is_allowed_http_origin( $origin = null ) {
if ( $origin && ! in_array( $origin, get_allowed_http_origins() ) ) if ( $origin && ! in_array( $origin, get_allowed_http_origins() ) )
$origin = ''; $origin = '';
/**
* Change the allowed HTTP origin result.
*
* @since 3.4.0
*
* @param string $origin Result of check for allowed origin.
* @param string $origin_arg original origin string passed into is_allowed_http_origin function.
*/
return apply_filters( 'allowed_http_origin', $origin, $origin_arg ); return apply_filters( 'allowed_http_origin', $origin, $origin_arg );
} }
@ -458,6 +486,17 @@ function wp_http_validate_url( $url ) {
|| ( 192 === $parts[0] && 168 === $parts[1] ) || ( 192 === $parts[0] && 168 === $parts[1] )
) { ) {
// If host appears local, reject unless specifically allowed. // If host appears local, reject unless specifically allowed.
/**
* Check if HTTP request is external or not.
*
* Allows to change and allow external requests for the HTTP request.
*
* @since 3.6.0
*
* @param bool false Whether HTTP request is external or not.
* @param string $host IP of the requested host.
* @param string $url URL of the requested host.
*/
if ( ! apply_filters( 'http_request_host_is_external', false, $host, $url ) ) if ( ! apply_filters( 'http_request_host_is_external', false, $host, $url ) )
return false; return false;
} }