vhad/wordpress-develop
1
0
Fork 0
mirror of https://github.com/gosticks/wordpress-develop.git synced 2026-04-07 22:24:36 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Better validation of the URL used in core HTTP requests.

Browse Source 
git-svn-id: https://develop.svn.wordpress.org/trunk@24480 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Andrew Nacin
2013-06-21 06:07:47 +00:00
parent 5254ff0e4b
commit dfcf4b5eae
10 changed files with 92 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
wp-includes/class-wp-xmlrpc-server.php
View File

@@ -5396,7 +5396,8 @@ class wp_xmlrpc_server extends IXR_Server {
sleep(1);
// Let's check the remote site
$linea = wp_remote_retrieve_body( wp_remote_get( $pagelinkedfrom, array( 'timeout' => 10, 'redirection' => 0 ) ) );
$linea = wp_remote_retrieve_body( wp_remote_get( $pagelinkedfrom, array( 'timeout' => 10, 'redirection' => 0, 'reject_unsafe_urls' => true ) ) );
if ( !$linea )
return $this->pingback_error( 16, __( 'The source URL does not exist.' ) );