From 5a0e739cc721808b58825b6d6882745d905a7e30 Mon Sep 17 00:00:00 2001 From: Andrew Nacin Date: Mon, 29 Jul 2013 18:00:06 +0000 Subject: [PATCH] Limit pingback response size. fixes #4137. for trunk. git-svn-id: https://develop.svn.wordpress.org/trunk@24871 602fd350-edb4-49c9-b593-d223f7449a82 --- wp-includes/class-wp-xmlrpc-server.php | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/wp-includes/class-wp-xmlrpc-server.php b/wp-includes/class-wp-xmlrpc-server.php index 1f6e113ac8..90b4a9cb50 100644 --- a/wp-includes/class-wp-xmlrpc-server.php +++ b/wp-includes/class-wp-xmlrpc-server.php @@ -5389,7 +5389,13 @@ class wp_xmlrpc_server extends IXR_Server { sleep(1); // Let's check the remote site - $linea = wp_remote_retrieve_body( wp_remote_get( $pagelinkedfrom, array( 'timeout' => 10, 'redirection' => 0, 'reject_unsafe_urls' => true ) ) ); + $http_api_args = array( + 'timeout' => 10, + 'redirection' => 0, + 'reject_unsafe_urls' => true, + 'limit_response_size' => 153600, // 150 KB + ); + $linea = wp_remote_retrieve_body( wp_remote_get( $pagelinkedfrom, $http_api_args ) ); if ( !$linea ) return $this->pingback_error( 16, __( 'The source URL does not exist.' ) );