Standardise on performing api.WordPress.org requests over SSL when possible, falling back to non-SSL when appropriate.

This also standardises the `User-Agent` used when communicating with WordPress.org, allowing for more consistent version detection.

Fixes #42004.


git-svn-id: https://develop.svn.wordpress.org/trunk@41605 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Dion Hulse 2017-09-27 07:59:14 +00:00
parent 1545e58ea6
commit 2ff224a044
7 changed files with 50 additions and 11 deletions

View File

@ -92,8 +92,17 @@ class WP_Community_Events {
return $cached_events;
}
$api_url = 'https://api.wordpress.org/events/1.0/';
$request_args = $this->get_request_args( $location_search, $timezone );
// include an unmodified $wp_version
include( ABSPATH . WPINC . '/version.php' );
$api_url = 'http://api.wordpress.org/events/1.0/';
$request_args = $this->get_request_args( $location_search, $timezone );
$request_args['user-agent'] = 'WordPress/' . $wp_version . '; ' . home_url( '/' );
if ( wp_http_supports( array( 'ssl' ) ) ) {
$api_url = set_url_scheme( $api_url, 'https' );
}
$response = wp_remote_get( $api_url, $request_args );
$response_code = wp_remote_retrieve_response_code( $response );
$response_body = json_decode( wp_remote_retrieve_body( $response ), true );

View File

@ -15,7 +15,9 @@
* @return array|false A list of all of the contributors, or false on error.
*/
function wp_credits() {
$wp_version = get_bloginfo( 'version' );
// include an unmodified $wp_version
include( ABSPATH . WPINC . '/version.php' );
$locale = get_user_locale();
$results = get_site_transient( 'wordpress_credits_' . $locale );
@ -24,7 +26,14 @@ function wp_credits() {
|| false !== strpos( $wp_version, '-' )
|| ( isset( $results['data']['version'] ) && strpos( $wp_version, $results['data']['version'] ) !== 0 )
) {
$response = wp_remote_get( "http://api.wordpress.org/core/credits/1.1/?version={$wp_version}&locale={$locale}" );
$url = "http://api.wordpress.org/core/credits/1.1/?version={$wp_version}&locale={$locale}";
$options = array( 'user-agent' => 'WordPress/' . $wp_version . '; ' . home_url( '/' ) );
if ( wp_http_supports( array( 'ssl' ) ) ) {
$url = set_url_scheme( $url, 'https' );
}
$response = wp_remote_get( $url, $options );
if ( is_wp_error( $response ) || 200 != wp_remote_retrieve_response_code( $response ) )
return false;

View File

@ -1509,12 +1509,20 @@ function wp_check_browser_version() {
$key = md5( $_SERVER['HTTP_USER_AGENT'] );
if ( false === ($response = get_site_transient('browser_' . $key) ) ) {
// include an unmodified $wp_version
include( ABSPATH . WPINC . '/version.php' );
$url = 'http://api.wordpress.org/core/browse-happy/1.1/';
$options = array(
'body' => array( 'useragent' => $_SERVER['HTTP_USER_AGENT'] ),
'user-agent' => 'WordPress/' . get_bloginfo( 'version' ) . '; ' . home_url()
'body' => array( 'useragent' => $_SERVER['HTTP_USER_AGENT'] ),
'user-agent' => 'WordPress/' . $wp_version . '; ' . home_url( '/' )
);
$response = wp_remote_post( 'http://api.wordpress.org/core/browse-happy/1.1/', $options );
if ( wp_http_supports( array( 'ssl' ) ) ) {
$url = set_url_scheme( $url, 'https' );
}
$response = wp_remote_post( $url, $options );
if ( is_wp_error( $response ) || 200 != wp_remote_retrieve_response_code( $response ) )
return false;

View File

@ -131,10 +131,15 @@ function wp_get_popular_importers() {
if ( ! $popular_importers ) {
$url = add_query_arg( array(
'locale' => get_user_locale(),
'locale' => $locale,
'version' => $wp_version,
), 'http://api.wordpress.org/core/importers/1.1/' );
$options = array( 'user-agent' => 'WordPress/' . $wp_version . '; ' . home_url() );
$options = array( 'user-agent' => 'WordPress/' . $wp_version . '; ' . home_url( '/' ) );
if ( wp_http_supports( array( 'ssl' ) ) ) {
$url = set_url_scheme( $url, 'https' );
}
$response = wp_remote_get( $url, $options );
$popular_importers = json_decode( wp_remote_retrieve_body( $response ), true );

View File

@ -141,12 +141,16 @@ function plugins_api( $action, $args = array() ) {
$res = apply_filters( 'plugins_api', false, $action, $args );
if ( false === $res ) {
// include an unmodified $wp_version
include( ABSPATH . WPINC . '/version.php' );
$url = $http_url = 'http://api.wordpress.org/plugins/info/1.0/';
if ( $ssl = wp_http_supports( array( 'ssl' ) ) )
$url = set_url_scheme( $url, 'https' );
$http_args = array(
'timeout' => 15,
'user-agent' => 'WordPress/' . $wp_version . '; ' . home_url( '/' ),
'body' => array(
'action' => $action,
'request' => serialize( $args )

View File

@ -448,11 +448,15 @@ function themes_api( $action, $args = array() ) {
$res = apply_filters( 'themes_api', false, $action, $args );
if ( ! $res ) {
// include an unmodified $wp_version
include( ABSPATH . WPINC . '/version.php' );
$url = $http_url = 'http://api.wordpress.org/themes/info/1.0/';
if ( $ssl = wp_http_supports( array( 'ssl' ) ) )
$url = set_url_scheme( $url, 'https' );
$http_args = array(
'user-agent' => 'WordPress/' . $wp_version . '; ' . home_url( '/' ),
'body' => array(
'action' => $action,
'request' => serialize( $args )

View File

@ -301,7 +301,7 @@ function wp_update_plugins( $extra_stats = array() ) {
'locale' => wp_json_encode( $locales ),
'all' => wp_json_encode( true ),
),
'user-agent' => 'WordPress/' . $wp_version . '; ' . get_bloginfo( 'url' )
'user-agent' => 'WordPress/' . $wp_version . '; ' . home_url( '/' )
);
if ( $extra_stats ) {
@ -479,7 +479,7 @@ function wp_update_themes( $extra_stats = array() ) {
'translations' => wp_json_encode( $translations ),
'locale' => wp_json_encode( $locales ),
),
'user-agent' => 'WordPress/' . $wp_version . '; ' . get_bloginfo( 'url' )
'user-agent' => 'WordPress/' . $wp_version . '; ' . home_url( '/' )
);
if ( $extra_stats ) {