Current Path: > home > transcarter > public_html > > wp-includes
Operation : Linux host59.registrar-servers.com 4.18.0-513.18.1.lve.2.el8.x86_64 #1 SMP Sat Mar 30 15:36:11 UTC 2024 x86_64 Software : Apache Server IP : 198.54.126.42 | Your IP: 216.73.216.135 Domains : 1034 Domain(s) Permission : [ 0755 ]
| Name | Type | Size | Last Modified | Actions |
|---|---|---|---|---|
| ID3 | Directory | - | - | |
| IXR | Directory | - | - | |
| PHPMailer | Directory | - | - | |
| Requests | Directory | - | - | |
| SimplePie | Directory | - | - | |
| Text | Directory | - | - | |
| assets | Directory | - | - | |
| block-bindings | Directory | - | - | |
| block-patterns | Directory | - | - | |
| block-supports | Directory | - | - | |
| blocks | Directory | - | - | |
| certificates | Directory | - | - | |
| css | Directory | - | - | |
| customize | Directory | - | - | |
| fonts | Directory | - | - | |
| html-api | Directory | - | - | |
| images | Directory | - | - | |
| interactivity-api | Directory | - | - | |
| js | Directory | - | - | |
| l10n | Directory | - | - | |
| php-compat | Directory | - | - | |
| pomo | Directory | - | - | |
| rest-api | Directory | - | - | |
| sitemaps | Directory | - | - | |
| sodium_compat | Directory | - | - | |
| style-engine | Directory | - | - | |
| theme-compat | Directory | - | - | |
| widgets | Directory | - | - | |
| admin-bar.php | File | 37100 bytes | September 03 2024 19:45:16. | |
| atomlib.php | File | 11950 bytes | April 21 2022 10:24:18. | |
| author-template.php | File | 18951 bytes | May 14 2023 16:58:24. | |
| block-bindings.php | File | 5594 bytes | June 12 2024 11:44:14. | |
| block-editor.php | File | 28166 bytes | June 04 2024 10:55:14. | |
| block-i18n.json | File | 316 bytes | August 11 2021 08:08:02. | |
| block-patterns.php | File | 13162 bytes | February 27 2024 21:05:12. | |
| block-template-utils.php | File | 56559 bytes | July 24 2024 13:40:16. | |
| block-template.php | File | 12376 bytes | March 06 2024 05:05:12. | |
| blocks.php | File | 97472 bytes | June 25 2024 11:45:18. | |
| bookmark-template.php | File | 12934 bytes | March 20 2024 11:49:10. | |
| bookmark.php | File | 15427 bytes | March 23 2024 13:20:12. | |
| cache-compat.php | File | 5969 bytes | October 10 2022 17:22:12. | |
| cache.php | File | 13474 bytes | October 10 2022 17:22:12. | |
| canonical.php | File | 34513 bytes | February 16 2024 23:34:12. | |
| capabilities.php | File | 40016 bytes | May 05 2024 13:35:20. | |
| category-template.php | File | 57003 bytes | September 25 2023 23:27:12. | |
| category.php | File | 12709 bytes | August 24 2023 08:01:16. | |
| class-IXR.php | File | 2543 bytes | February 06 2020 06:33:12. | |
| class-avif-info.php | File | 29615 bytes | April 26 2024 14:02:14. | |
| class-feed.php | File | 529 bytes | February 06 2020 06:33:12. | |
| class-http.php | File | 367 bytes | June 17 2022 10:20:14. | |
| class-json.php | File | 43684 bytes | February 03 2023 13:35:20. | |
| class-oembed.php | File | 401 bytes | June 17 2022 10:20:14. | |
| class-phpass.php | File | 6708 bytes | February 13 2023 09:08:24. | |
| class-phpmailer.php | File | 664 bytes | July 21 2020 11:58:02. | |
| class-pop3.php | File | 20969 bytes | February 11 2023 12:43:22. | |
| class-requests.php | File | 2237 bytes | April 05 2023 12:12:26. | |
| class-simplepie-interface.php | File | 1079 bytes | September 12 2022 14:47:14. | |
| class-simplepie.php | File | 98061 bytes | February 17 2024 13:25:10. | |
| class-smtp.php | File | 457 bytes | January 26 2021 13:45:58. | |
| class-snoopy.php | File | 37715 bytes | February 03 2023 13:35:20. | |
| class-walker-category-dropdown.php | File | 2469 bytes | September 14 2023 11:46:20. | |
| class-walker-category.php | File | 8477 bytes | September 08 2023 08:32:24. | |
| class-walker-comment.php | File | 14221 bytes | March 18 2024 14:46:14. | |
| class-walker-nav-menu.php | File | 11313 bytes | June 27 2023 14:26:28. | |
| class-walker-page-dropdown.php | File | 2710 bytes | September 14 2023 11:46:20. | |
| class-walker-page.php | File | 7612 bytes | September 14 2023 11:46:20. | |
| class-wp-admin-bar.php | File | 17874 bytes | July 18 2024 15:45:14. | |
| class-wp-ajax-response.php | File | 5266 bytes | September 12 2022 14:47:14. | |
| class-wp-application-passwords.php | File | 12854 bytes | May 08 2023 21:37:24. | |
| class-wp-block-bindings-registry.php | File | 8944 bytes | June 12 2024 11:44:14. | |
| class-wp-block-bindings-source.php | File | 2178 bytes | May 02 2024 12:19:14. | |
| class-wp-block-editor-context.php | File | 1350 bytes | September 12 2022 14:47:14. | |
| class-wp-block-list.php | File | 4757 bytes | November 01 2023 23:04:24. | |
| class-wp-block-parser-block.php | File | 2555 bytes | June 26 2023 23:45:38. | |
| class-wp-block-parser-frame.php | File | 1916 bytes | June 26 2023 23:45:38. | |
| class-wp-block-parser.php | File | 11532 bytes | May 02 2024 19:09:16. | |
| class-wp-block-pattern-categories-registry.php | File | 5371 bytes | September 12 2022 14:47:14. | |
| class-wp-block-patterns-registry.php | File | 11738 bytes | May 23 2024 17:35:14. | |
| class-wp-block-styles-registry.php | File | 6262 bytes | May 30 2024 07:54:08. | |
| class-wp-block-supports.php | File | 5566 bytes | May 06 2024 20:25:16. | |
| class-wp-block-template.php | File | 1951 bytes | June 23 2023 05:29:24. | |
| class-wp-block-type-registry.php | File | 5013 bytes | October 12 2023 11:34:34. | |
| class-wp-block-type.php | File | 17265 bytes | May 01 2024 23:01:10. | |
| class-wp-block.php | File | 19691 bytes | June 13 2024 07:57:16. | |
| class-wp-classic-to-block-menu-converter.php | File | 4088 bytes | August 21 2023 16:51:20. | |
| class-wp-comment-query.php | File | 48395 bytes | June 21 2024 16:26:14. | |
| class-wp-comment.php | File | 9372 bytes | August 24 2023 07:44:24. | |
| class-wp-customize-control.php | File | 25730 bytes | May 14 2024 15:49:10. | |
| class-wp-customize-manager.php | File | 202413 bytes | June 10 2024 21:12:18. | |
| class-wp-customize-nav-menus.php | File | 57384 bytes | June 03 2024 19:35:14. | |
| class-wp-customize-panel.php | File | 10670 bytes | September 10 2023 08:04:18. | |
| class-wp-customize-section.php | File | 11244 bytes | September 10 2023 08:04:18. | |
| class-wp-customize-setting.php | File | 29889 bytes | September 10 2023 08:04:18. | |
| class-wp-customize-widgets.php | File | 71520 bytes | May 14 2024 15:49:10. | |
| class-wp-date-query.php | File | 35726 bytes | February 16 2024 21:47:12. | |
| class-wp-dependencies.php | File | 14062 bytes | September 08 2023 08:32:24. | |
| class-wp-dependency.php | File | 2627 bytes | November 25 2022 15:12:16. | |
| class-wp-duotone.php | File | 40783 bytes | June 14 2024 11:18:12. | |
| class-wp-editor.php | File | 72177 bytes | June 20 2024 19:27:12. | |
| class-wp-embed.php | File | 15994 bytes | July 09 2023 19:17:30. | |
| class-wp-error.php | File | 7502 bytes | February 21 2023 16:39:20. | |
| class-wp-fatal-error-handler.php | File | 7948 bytes | December 16 2023 09:38:26. | |
| class-wp-feed-cache-transient.php | File | 2586 bytes | September 12 2022 14:47:14. | |
| class-wp-feed-cache.php | File | 969 bytes | August 10 2023 00:06:22. | |
| class-wp-hook.php | File | 16000 bytes | September 18 2023 11:41:18. | |
| class-wp-http-cookie.php | File | 7389 bytes | June 24 2023 16:17:24. | |
| class-wp-http-curl.php | File | 12541 bytes | September 21 2023 17:29:12. | |
| class-wp-http-encoding.php | File | 6689 bytes | June 22 2023 13:57:24. | |
| class-wp-http-ixr-client.php | File | 3501 bytes | September 12 2022 14:47:14. | |
| class-wp-http-proxy.php | File | 5980 bytes | June 22 2023 13:36:26. | |
| class-wp-http-requests-hooks.php | File | 2022 bytes | December 15 2022 21:32:18. | |
| class-wp-http-requests-response.php | File | 4400 bytes | October 11 2023 06:05:26. | |
| class-wp-http-response.php | File | 2977 bytes | September 12 2022 14:47:14. | |
| class-wp-http-streams.php | File | 16859 bytes | September 21 2023 17:29:12. | |
| class-wp-http.php | File | 40760 bytes | April 07 2024 10:18:18. | |
| class-wp-image-editor-gd.php | File | 18943 bytes | June 03 2024 19:27:12. | |
| class-wp-image-editor-imagick.php | File | 32104 bytes | June 14 2024 14:26:10. | |
| class-wp-image-editor.php | File | 17606 bytes | February 02 2024 17:48:16. | |
| class-wp-list-util.php | File | 7443 bytes | February 27 2024 22:38:16. | |
| class-wp-locale-switcher.php | File | 6630 bytes | January 25 2024 07:53:18. | |
| class-wp-locale.php | File | 16111 bytes | May 26 2024 19:51:14. | |
| class-wp-matchesmapregex.php | File | 1828 bytes | February 06 2024 01:25:14. | |
| class-wp-meta-query.php | File | 30531 bytes | April 22 2024 19:25:08. | |
| class-wp-metadata-lazyloader.php | File | 6833 bytes | May 11 2023 10:15:24. | |
| class-wp-navigation-fallback.php | File | 9211 bytes | October 06 2023 13:06:22. | |
| class-wp-network-query.php | File | 19857 bytes | June 21 2024 16:26:14. | |
| class-wp-network.php | File | 12288 bytes | May 13 2024 12:34:12. | |
| class-wp-object-cache.php | File | 17594 bytes | March 14 2023 15:55:20. | |
| class-wp-oembed-controller.php | File | 6905 bytes | March 06 2024 05:05:12. | |
| class-wp-oembed.php | File | 31475 bytes | June 07 2024 22:15:16. | |
| class-wp-paused-extensions-storage.php | File | 5090 bytes | February 16 2024 21:47:12. | |
| class-wp-plugin-dependencies.php | File | 25319 bytes | May 30 2024 14:15:10. | |
| class-wp-post-type.php | File | 30350 bytes | May 27 2024 14:24:14. | |
| class-wp-post.php | File | 6484 bytes | September 12 2022 14:47:14. | |
| class-wp-query.php | File | 154081 bytes | May 20 2024 20:21:16. | |
| class-wp-recovery-mode-cookie-service.php | File | 6877 bytes | October 04 2022 02:59:14. | |
| class-wp-recovery-mode-email-service.php | File | 11183 bytes | May 02 2023 14:45:22. | |
| class-wp-recovery-mode-key-service.php | File | 4601 bytes | December 24 2023 13:05:22. | |
| class-wp-recovery-mode-link-service.php | File | 3463 bytes | September 12 2022 14:47:14. | |
| class-wp-recovery-mode.php | File | 11435 bytes | May 02 2023 14:45:22. | |
| class-wp-rewrite.php | File | 63430 bytes | September 09 2023 08:28:26. | |
| class-wp-role.php | File | 2523 bytes | September 08 2023 08:32:24. | |
| class-wp-roles.php | File | 8580 bytes | July 28 2023 10:37:26. | |
| class-wp-script-modules.php | File | 13755 bytes | May 10 2024 08:09:18. | |
| class-wp-scripts.php | File | 27906 bytes | February 05 2024 09:43:12. | |
| class-wp-session-tokens.php | File | 7451 bytes | September 12 2022 14:47:14. | |
| class-wp-simplepie-file.php | File | 3377 bytes | August 10 2023 00:06:22. | |
| class-wp-simplepie-sanitize-kses.php | File | 1770 bytes | August 10 2023 00:06:22. | |
| class-wp-site-query.php | File | 31545 bytes | June 21 2024 16:26:14. | |
| class-wp-site.php | File | 7454 bytes | September 12 2022 14:47:14. | |
| class-wp-styles.php | File | 10898 bytes | May 02 2023 14:45:22. | |
| class-wp-tax-query.php | File | 19555 bytes | February 16 2024 21:47:12. | |
| class-wp-taxonomy.php | File | 18567 bytes | April 27 2023 22:15:18. | |
| class-wp-term-query.php | File | 41166 bytes | March 02 2024 13:38:08. | |
| class-wp-term.php | File | 5298 bytes | September 12 2022 14:47:14. | |
| class-wp-text-diff-renderer-inline.php | File | 979 bytes | February 14 2024 19:27:10. | |
| class-wp-text-diff-renderer-table.php | File | 18807 bytes | October 15 2023 13:55:24. | |
| class-wp-textdomain-registry.php | File | 10203 bytes | June 11 2024 13:27:18. | |
| class-wp-theme-json-data.php | File | 1809 bytes | June 04 2024 10:55:14. | |
| class-wp-theme-json-resolver.php | File | 34714 bytes | June 24 2024 09:33:16. | |
| class-wp-theme-json-schema.php | File | 7367 bytes | June 06 2024 07:02:16. | |
| class-wp-theme-json.php | File | 157322 bytes | September 04 2024 13:24:14. | |
| class-wp-theme.php | File | 65299 bytes | April 19 2024 16:59:16. | |
| class-wp-token-map.php | File | 28430 bytes | June 02 2024 14:16:14. | |
| class-wp-user-meta-session-tokens.php | File | 2990 bytes | January 09 2019 05:04:50. | |
| class-wp-user-query.php | File | 43654 bytes | May 19 2024 18:53:20. | |
| class-wp-user-request.php | File | 2222 bytes | September 12 2022 14:47:14. | |
| class-wp-user.php | File | 22827 bytes | February 16 2024 21:47:12. | |
| class-wp-walker.php | File | 13322 bytes | August 07 2024 18:47:10. | |
| class-wp-widget-factory.php | File | 3347 bytes | September 12 2022 14:47:14. | |
| class-wp-widget.php | File | 18386 bytes | August 25 2023 00:28:16. | |
| class-wp-xmlrpc-server.php | File | 214948 bytes | February 11 2024 19:14:20. | |
| class-wp.php | File | 26119 bytes | August 13 2023 09:31:24. | |
| class-wpdb.php | File | 118379 bytes | April 04 2024 14:13:14. | |
| class.wp-dependencies.php | File | 373 bytes | September 20 2022 13:17:12. | |
| class.wp-scripts.php | File | 343 bytes | September 20 2022 13:17:12. | |
| class.wp-styles.php | File | 338 bytes | September 20 2022 13:17:12. | |
| comment-template.php | File | 101738 bytes | July 18 2024 16:58:16. | |
| comment.php | File | 129226 bytes | June 13 2024 12:05:14. | |
| compat.php | File | 16467 bytes | July 18 2024 17:22:16. | |
| cron.php | File | 41582 bytes | May 02 2024 12:19:14. | |
| date.php | File | 400 bytes | June 17 2022 10:20:14. | |
| default-constants.php | File | 11238 bytes | April 17 2024 08:46:20. | |
| default-filters.php | File | 35490 bytes | June 11 2024 01:40:14. | |
| default-widgets.php | File | 2222 bytes | May 25 2021 07:27:58. | |
| deprecated.php | File | 186291 bytes | June 04 2024 06:39:10. | |
| embed-template-trigger.php | File | 373 bytes | September 12 2022 14:47:14. | |
| embed-template.php | File | 338 bytes | June 17 2022 10:20:14. | |
| embed.php | File | 37908 bytes | June 02 2024 21:02:16. | |
| error-protection.php | File | 4121 bytes | May 02 2023 14:45:22. | |
| error_log | File | 795153 bytes | August 07 2025 03:15:23. | |
| feed-atom-comments.php | File | 5504 bytes | March 04 2024 12:41:10. | |
| feed-atom.php | File | 3048 bytes | November 29 2021 09:52:00. | |
| feed-rdf.php | File | 2668 bytes | January 29 2020 00:45:18. | |
| feed-rss.php | File | 1189 bytes | January 29 2020 00:45:18. | |
| feed-rss2-comments.php | File | 4136 bytes | March 04 2024 12:41:10. | |
| feed-rss2.php | File | 3799 bytes | January 29 2020 00:45:18. | |
| feed.php | File | 23317 bytes | June 13 2024 19:50:14. | |
| fonts.php | File | 9441 bytes | June 05 2024 22:19:18. | |
| formatting.php | File | 335374 bytes | June 24 2024 13:42:10. | |
| functions.php | File | 280644 bytes | July 18 2024 17:22:16. | |
| functions.wp-scripts.php | File | 14558 bytes | May 26 2024 19:51:14. | |
| functions.wp-styles.php | File | 8583 bytes | May 26 2024 19:51:14. | |
| general-template.php | File | 169119 bytes | June 13 2024 13:48:06. | |
| global-styles-and-settings.php | File | 21424 bytes | July 12 2024 19:01:16. | |
| http.php | File | 25548 bytes | August 06 2025 04:48:37. | |
| https-detection.php | File | 5661 bytes | September 22 2023 18:08:20. | |
| https-migration.php | File | 4741 bytes | July 10 2023 21:38:26. | |
| kses.php | File | 74389 bytes | June 17 2024 11:04:12. | |
| l10n-object.php | File | 38 bytes | June 26 2025 11:42:43. | |
| l10n.php | File | 66655 bytes | August 06 2025 04:48:37. | |
| link-template.php | File | 156140 bytes | May 27 2024 15:29:16. | |
| load.php | File | 55353 bytes | May 10 2024 10:48:16. | |
| locale.php | File | 162 bytes | October 08 2019 16:19:04. | |
| media-template.php | File | 62218 bytes | July 24 2024 16:32:16. | |
| media.php | File | 210542 bytes | August 07 2024 18:43:12. | |
| meta.php | File | 64078 bytes | September 26 2023 14:32:20. | |
| ms-blogs.php | File | 25728 bytes | March 29 2024 10:42:14. | |
| ms-default-constants.php | File | 4921 bytes | June 13 2024 19:50:14. | |
| ms-default-filters.php | File | 6636 bytes | February 24 2023 01:23:20. | |
| ms-deprecated.php | File | 21759 bytes | April 12 2024 16:47:14. | |
| ms-files.php | File | 2711 bytes | August 23 2023 14:53:24. | |
| ms-functions.php | File | 91243 bytes | November 13 2023 11:13:28. | |
| ms-load.php | File | 19883 bytes | March 25 2024 16:19:18. | |
| ms-network.php | File | 3782 bytes | May 02 2023 10:26:24. | |
| ms-settings.php | File | 4124 bytes | June 22 2023 13:57:24. | |
| ms-site.php | File | 40346 bytes | May 04 2024 18:25:10. | |
| nav-menu-template.php | File | 25917 bytes | May 09 2024 14:16:14. | |
| nav-menu.php | File | 44145 bytes | May 08 2024 17:37:14. | |
| option.php | File | 100442 bytes | June 14 2024 14:21:10. | |
| pluggable-deprecated.php | File | 6263 bytes | January 11 2020 18:32:06. | |
| pluggable.php | File | 113181 bytes | April 13 2024 15:33:14. | |
| plugin.php | File | 35465 bytes | June 08 2023 06:54:22. | |
| post-formats.php | File | 7102 bytes | May 27 2024 15:29:16. | |
| post-template.php | File | 66814 bytes | June 01 2024 16:37:18. | |
| post-thumbnail-template.php | File | 10308 bytes | May 17 2023 17:31:24. | |
| post.php | File | 284273 bytes | June 18 2024 13:46:10. | |
| query.php | File | 37035 bytes | August 24 2023 08:01:16. | |
| registration-functions.php | File | 200 bytes | November 12 2020 11:17:08. | |
| registration.php | File | 200 bytes | November 12 2020 11:17:08. | |
| rest-api.php | File | 98466 bytes | June 02 2024 21:02:16. | |
| revision.php | File | 30906 bytes | May 06 2024 15:35:20. | |
| rewrite.php | File | 19514 bytes | July 11 2023 10:15:28. | |
| robots-template.php | File | 5185 bytes | April 06 2022 14:33:04. | |
| rss-functions.php | File | 255 bytes | November 16 2020 22:52:06. | |
| rss.php | File | 23107 bytes | June 13 2024 19:50:14. | |
| script-loader.php | File | 130296 bytes | June 13 2024 14:06:08. | |
| script-modules.php | File | 5978 bytes | May 26 2024 19:51:14. | |
| session.php | File | 258 bytes | February 06 2020 06:33:12. | |
| shortcodes.php | File | 24051 bytes | May 25 2024 02:04:12. | |
| sitemaps.php | File | 3238 bytes | May 15 2021 16:38:06. | |
| spl-autoload-compat.php | File | 441 bytes | November 12 2020 11:17:08. | |
| style-engine.php | File | 7563 bytes | May 03 2024 03:47:12. | |
| taxonomy.php | File | 175314 bytes | June 18 2024 03:12:12. | |
| template-canvas.php | File | 544 bytes | September 30 2023 23:22:28. | |
| template-loader.php | File | 3012 bytes | May 26 2020 08:37:10. | |
| template.php | File | 24154 bytes | February 21 2024 19:26:08. | |
| theme-i18n.json | File | 1245 bytes | June 24 2024 07:51:16. | |
| theme-previews.php | File | 2832 bytes | December 08 2023 06:32:24. | |
| theme-templates.php | File | 6223 bytes | October 13 2023 16:21:22. | |
| theme.json | File | 8704 bytes | June 12 2024 05:11:14. | |
| theme.php | File | 133979 bytes | June 13 2024 19:50:14. | |
| update.php | File | 36884 bytes | June 13 2024 19:50:14. | |
| user.php | File | 173735 bytes | June 05 2024 11:23:10. | |
| vars.php | File | 6489 bytes | April 04 2024 12:40:06. | |
| version.php | File | 961 bytes | August 06 2025 04:48:37. | |
| widgets.php | File | 70682 bytes | May 26 2024 19:51:14. | |
| wp-db.php | File | 445 bytes | July 21 2022 21:45:12. | |
| wp-diff.php | File | 647 bytes | February 06 2020 06:33:12. |
<?php
/**
* Core HTTP Request API
*
* Standardizes the HTTP requests for WordPress. Handles cookies, gzip encoding and decoding, chunk
* decoding, if HTTP 1.1 and various other difficult HTTP protocol implementations.
*
* @package WordPress
* @subpackage HTTP
*/
/**
* Returns the initialized WP_Http Object
*
* @since 2.7.0
* @access private
*
* @return WP_Http HTTP Transport object.
*/
function _wp_http_get_object() {
static $http = null;
if ( is_null( $http ) ) {
$http = new WP_Http();
}
return $http;
}
/**
* Retrieves the raw response from a safe HTTP request.
*
* This function is ideal when the HTTP request is being made to an arbitrary
* URL. The URL, and every URL it redirects to, are validated with wp_http_validate_url()
* to avoid Server Side Request Forgery attacks (SSRF).
*
* @since 3.6.0
*
* @see wp_remote_request() For more information on the response array format.
* @see WP_Http::request() For default arguments information.
* @see wp_http_validate_url() For more information about how the URL is validated.
*
* @link https://owasp.org/www-community/attacks/Server_Side_Request_Forgery
*
* @param string $url URL to retrieve.
* @param array $args Optional. Request arguments. Default empty array.
* See WP_Http::request() for information on accepted arguments.
* @return array|WP_Error The response or WP_Error on failure.
*/
function wp_safe_remote_request( $url, $args = array() ) {
$args['reject_unsafe_urls'] = true;
$http = _wp_http_get_object();
return $http->request( $url, $args );
}
/**
* Retrieves the raw response from a safe HTTP request using the GET method.
*
* This function is ideal when the HTTP request is being made to an arbitrary
* URL. The URL, and every URL it redirects to, are validated with wp_http_validate_url()
* to avoid Server Side Request Forgery attacks (SSRF).
*
* @since 3.6.0
*
* @see wp_remote_request() For more information on the response array format.
* @see WP_Http::request() For default arguments information.
* @see wp_http_validate_url() For more information about how the URL is validated.
*
* @link https://owasp.org/www-community/attacks/Server_Side_Request_Forgery
*
* @param string $url URL to retrieve.
* @param array $args Optional. Request arguments. Default empty array.
* See WP_Http::request() for information on accepted arguments.
* @return array|WP_Error The response or WP_Error on failure.
*/
function wp_safe_remote_get( $url, $args = array() ) {
$args['reject_unsafe_urls'] = true;
$http = _wp_http_get_object();
return $http->get( $url, $args );
}
/**
* Retrieves the raw response from a safe HTTP request using the POST method.
*
* This function is ideal when the HTTP request is being made to an arbitrary
* URL. The URL, and every URL it redirects to, are validated with wp_http_validate_url()
* to avoid Server Side Request Forgery attacks (SSRF).
*
* @since 3.6.0
*
* @see wp_remote_request() For more information on the response array format.
* @see WP_Http::request() For default arguments information.
* @see wp_http_validate_url() For more information about how the URL is validated.
*
* @link https://owasp.org/www-community/attacks/Server_Side_Request_Forgery
*
* @param string $url URL to retrieve.
* @param array $args Optional. Request arguments. Default empty array.
* See WP_Http::request() for information on accepted arguments.
* @return array|WP_Error The response or WP_Error on failure.
*/
function wp_safe_remote_post( $url, $args = array() ) {
$args['reject_unsafe_urls'] = true;
$http = _wp_http_get_object();
return $http->post( $url, $args );
}
/**
* Retrieves the raw response from a safe HTTP request using the HEAD method.
*
* This function is ideal when the HTTP request is being made to an arbitrary
* URL. The URL, and every URL it redirects to, are validated with wp_http_validate_url()
* to avoid Server Side Request Forgery attacks (SSRF).
*
* @since 3.6.0
*
* @see wp_remote_request() For more information on the response array format.
* @see WP_Http::request() For default arguments information.
* @see wp_http_validate_url() For more information about how the URL is validated.
*
* @link https://owasp.org/www-community/attacks/Server_Side_Request_Forgery
*
* @param string $url URL to retrieve.
* @param array $args Optional. Request arguments. Default empty array.
* See WP_Http::request() for information on accepted arguments.
* @return array|WP_Error The response or WP_Error on failure.
*/
function wp_safe_remote_head( $url, $args = array() ) {
$args['reject_unsafe_urls'] = true;
$http = _wp_http_get_object();
return $http->head( $url, $args );
}
/**
* Performs an HTTP request and returns its response.
*
* There are other API functions available which abstract away the HTTP method:
*
* - Default 'GET' for wp_remote_get()
* - Default 'POST' for wp_remote_post()
* - Default 'HEAD' for wp_remote_head()
*
* @since 2.7.0
*
* @see WP_Http::request() For information on default arguments.
*
* @param string $url URL to retrieve.
* @param array $args Optional. Request arguments. Default empty array.
* See WP_Http::request() for information on accepted arguments.
* @return array|WP_Error {
* The response array or a WP_Error on failure.
*
* @type string[] $headers Array of response headers keyed by their name.
* @type string $body Response body.
* @type array $response {
* Data about the HTTP response.
*
* @type int|false $code HTTP response code.
* @type string|false $message HTTP response message.
* }
* @type WP_HTTP_Cookie[] $cookies Array of response cookies.
* @type WP_HTTP_Requests_Response|null $http_response Raw HTTP response object.
* }
*/
function wp_remote_request( $url, $args = array() ) {
$http = _wp_http_get_object();
return $http->request( $url, $args );
}
/**
* Performs an HTTP request using the GET method and returns its response.
*
* @since 2.7.0
*
* @see wp_remote_request() For more information on the response array format.
* @see WP_Http::request() For default arguments information.
*
* @param string $url URL to retrieve.
* @param array $args Optional. Request arguments. Default empty array.
* See WP_Http::request() for information on accepted arguments.
* @return array|WP_Error The response or WP_Error on failure.
*/
function wp_remote_get( $url, $args = array() ) {
$http = _wp_http_get_object();
return $http->get( $url, $args );
}
/**
* Performs an HTTP request using the POST method and returns its response.
*
* @since 2.7.0
*
* @see wp_remote_request() For more information on the response array format.
* @see WP_Http::request() For default arguments information.
*
* @param string $url URL to retrieve.
* @param array $args Optional. Request arguments. Default empty array.
* See WP_Http::request() for information on accepted arguments.
* @return array|WP_Error The response or WP_Error on failure.
*/
function wp_remote_post( $url, $args = array() ) {
$http = _wp_http_get_object();
return $http->post( $url, $args );
}
/**
* Performs an HTTP request using the HEAD method and returns its response.
*
* @since 2.7.0
*
* @see wp_remote_request() For more information on the response array format.
* @see WP_Http::request() For default arguments information.
*
* @param string $url URL to retrieve.
* @param array $args Optional. Request arguments. Default empty array.
* See WP_Http::request() for information on accepted arguments.
* @return array|WP_Error The response or WP_Error on failure.
*/
function wp_remote_head( $url, $args = array() ) {
$http = _wp_http_get_object();
return $http->head( $url, $args );
}
/**
* Retrieves only the headers from the raw response.
*
* @since 2.7.0
* @since 4.6.0 Return value changed from an array to an WpOrg\Requests\Utility\CaseInsensitiveDictionary instance.
*
* @see \WpOrg\Requests\Utility\CaseInsensitiveDictionary
*
* @param array|WP_Error $response HTTP response.
* @return \WpOrg\Requests\Utility\CaseInsensitiveDictionary|array The headers of the response, or empty array
* if incorrect parameter given.
*/
function wp_remote_retrieve_headers( $response ) {
if ( is_wp_error( $response ) || ! isset( $response['headers'] ) ) {
return array();
}
return $response['headers'];
}
/**
* Retrieves a single header by name from the raw response.
*
* @since 2.7.0
*
* @param array|WP_Error $response HTTP response.
* @param string $header Header name to retrieve value from.
* @return array|string The header(s) value(s). Array if multiple headers with the same name are retrieved.
* Empty string if incorrect parameter given, or if the header doesn't exist.
*/
function wp_remote_retrieve_header( $response, $header ) {
if ( is_wp_error( $response ) || ! isset( $response['headers'] ) ) {
return '';
}
if ( isset( $response['headers'][ $header ] ) ) {
return $response['headers'][ $header ];
}
return '';
}
/**
* Retrieves only the response code from the raw response.
*
* Will return an empty string if incorrect parameter value is given.
*
* @since 2.7.0
*
* @param array|WP_Error $response HTTP response.
* @return int|string The response code as an integer. Empty string if incorrect parameter given.
*/
function wp_remote_retrieve_response_code( $response ) {
if ( is_wp_error( $response ) || ! isset( $response['response'] ) || ! is_array( $response['response'] ) ) {
return '';
}
return $response['response']['code'];
}
/**
* Retrieves only the response message from the raw response.
*
* Will return an empty string if incorrect parameter value is given.
*
* @since 2.7.0
*
* @param array|WP_Error $response HTTP response.
* @return string The response message. Empty string if incorrect parameter given.
*/
function wp_remote_retrieve_response_message( $response ) {
if ( is_wp_error( $response ) || ! isset( $response['response'] ) || ! is_array( $response['response'] ) ) {
return '';
}
return $response['response']['message'];
}
/**
* Retrieves only the body from the raw response.
*
* @since 2.7.0
*
* @param array|WP_Error $response HTTP response.
* @return string The body of the response. Empty string if no body or incorrect parameter given.
*/
function wp_remote_retrieve_body( $response ) {
if ( is_wp_error( $response ) || ! isset( $response['body'] ) ) {
return '';
}
return $response['body'];
}
/**
* Retrieves only the cookies from the raw response.
*
* @since 4.4.0
*
* @param array|WP_Error $response HTTP response.
* @return WP_Http_Cookie[] An array of `WP_Http_Cookie` objects from the response.
* Empty array if there are none, or the response is a WP_Error.
*/
function wp_remote_retrieve_cookies( $response ) {
if ( is_wp_error( $response ) || empty( $response['cookies'] ) ) {
return array();
}
return $response['cookies'];
}
/**
* Retrieves a single cookie by name from the raw response.
*
* @since 4.4.0
*
* @param array|WP_Error $response HTTP response.
* @param string $name The name of the cookie to retrieve.
* @return WP_Http_Cookie|string The `WP_Http_Cookie` object, or empty string
* if the cookie is not present in the response.
*/
function wp_remote_retrieve_cookie( $response, $name ) {
$cookies = wp_remote_retrieve_cookies( $response );
if ( empty( $cookies ) ) {
return '';
}
foreach ( $cookies as $cookie ) {
if ( $cookie->name === $name ) {
return $cookie;
}
}
return '';
}
/**
* Retrieves a single cookie's value by name from the raw response.
*
* @since 4.4.0
*
* @param array|WP_Error $response HTTP response.
* @param string $name The name of the cookie to retrieve.
* @return string The value of the cookie, or empty string
* if the cookie is not present in the response.
*/
function wp_remote_retrieve_cookie_value( $response, $name ) {
$cookie = wp_remote_retrieve_cookie( $response, $name );
if ( ! ( $cookie instanceof WP_Http_Cookie ) ) {
return '';
}
return $cookie->value;
}
/**
* Determines if there is an HTTP Transport that can process this request.
*
* @since 3.2.0
*
* @param array $capabilities Array of capabilities to test or a wp_remote_request() $args array.
* @param string $url Optional. If given, will check if the URL requires SSL and adds
* that requirement to the capabilities array.
*
* @return bool
*/
function wp_http_supports( $capabilities = array(), $url = null ) {
$http = _wp_http_get_object();
$capabilities = wp_parse_args( $capabilities );
$count = count( $capabilities );
// If we have a numeric $capabilities array, spoof a wp_remote_request() associative $args array.
if ( $count && count( array_filter( array_keys( $capabilities ), 'is_numeric' ) ) === $count ) {
$capabilities = array_combine( array_values( $capabilities ), array_fill( 0, $count, true ) );
}
if ( $url && ! isset( $capabilities['ssl'] ) ) {
$scheme = parse_url( $url, PHP_URL_SCHEME );
if ( 'https' === $scheme || 'ssl' === $scheme ) {
$capabilities['ssl'] = true;
}
}
return (bool) $http->_get_first_available_transport( $capabilities );
}
/**
* Gets the HTTP Origin of the current request.
*
* @since 3.4.0
*
* @return string URL of the origin. Empty string if no origin.
*/
function get_http_origin() {
$origin = '';
if ( ! empty( $_SERVER['HTTP_ORIGIN'] ) ) {
$origin = $_SERVER['HTTP_ORIGIN'];
}
/**
* Changes the origin of an HTTP request.
*
* @since 3.4.0
*
* @param string $origin The original origin for the request.
*/
return apply_filters( 'http_origin', $origin );
}
/**
* Retrieves list of allowed HTTP origins.
*
* @since 3.4.0
*
* @return string[] Array of origin URLs.
*/
function get_allowed_http_origins() {
$admin_origin = parse_url( admin_url() );
$home_origin = parse_url( home_url() );
// @todo Preserve port?
$allowed_origins = array_unique(
array(
'http://' . $admin_origin['host'],
'https://' . $admin_origin['host'],
'http://' . $home_origin['host'],
'https://' . $home_origin['host'],
)
);
/**
* Changes the origin types allowed for HTTP requests.
*
* @since 3.4.0
*
* @param string[] $allowed_origins {
* Array of default allowed HTTP origins.
*
* @type string $0 Non-secure URL for admin origin.
* @type string $1 Secure URL for admin origin.
* @type string $2 Non-secure URL for home origin.
* @type string $3 Secure URL for home origin.
* }
*/
return apply_filters( 'allowed_http_origins', $allowed_origins );
}
/**
* Determines if the HTTP origin is an authorized one.
*
* @since 3.4.0
*
* @param string|null $origin Origin URL. If not provided, the value of get_http_origin() is used.
* @return string Origin URL if allowed, empty string if not.
*/
function is_allowed_http_origin( $origin = null ) {
$origin_arg = $origin;
if ( null === $origin ) {
$origin = get_http_origin();
}
if ( $origin && ! in_array( $origin, get_allowed_http_origins(), true ) ) {
$origin = '';
}
/**
* Changes the allowed HTTP origin result.
*
* @since 3.4.0
*
* @param string $origin Origin URL if allowed, empty string if not.
* @param string $origin_arg Original origin string passed into is_allowed_http_origin function.
*/
return apply_filters( 'allowed_http_origin', $origin, $origin_arg );
}
/**
* Sends Access-Control-Allow-Origin and related headers if the current request
* is from an allowed origin.
*
* If the request is an OPTIONS request, the script exits with either access
* control headers sent, or a 403 response if the origin is not allowed. For
* other request methods, you will receive a return value.
*
* @since 3.4.0
*
* @return string|false Returns the origin URL if headers are sent. Returns false
* if headers are not sent.
*/
function send_origin_headers() {
$origin = get_http_origin();
if ( is_allowed_http_origin( $origin ) ) {
header( 'Access-Control-Allow-Origin: ' . $origin );
header( 'Access-Control-Allow-Credentials: true' );
if ( 'OPTIONS' === $_SERVER['REQUEST_METHOD'] ) {
exit;
}
return $origin;
}
if ( 'OPTIONS' === $_SERVER['REQUEST_METHOD'] ) {
status_header( 403 );
exit;
}
return false;
}
/**
* Validates a URL for safe use in the HTTP API.
*
* Examples of URLs that are considered unsafe:
*
* - ftp://example.com/caniload.php - Invalid protocol - only http and https are allowed.
* - http:///example.com/caniload.php - Malformed URL.
* - http://user:pass@example.com/caniload.php - Login information.
* - http://example.invalid/caniload.php - Invalid hostname, as the IP cannot be looked up in DNS.
*
* Examples of URLs that are considered unsafe by default:
*
* - http://192.168.0.1/caniload.php - IPs from LAN networks.
* This can be changed with the {@see 'http_request_host_is_external'} filter.
* - http://198.143.164.252:81/caniload.php - By default, only 80, 443, and 8080 ports are allowed.
* This can be changed with the {@see 'http_allowed_safe_ports'} filter.
*
* @since 3.5.2
*
* @param string $url Request URL.
* @return string|false URL or false on failure.
*/
function wp_http_validate_url( $url ) {
if ( ! is_string( $url ) || '' === $url || is_numeric( $url ) ) {
return false;
}
$original_url = $url;
$url = wp_kses_bad_protocol( $url, array( 'http', 'https' ) );
if ( ! $url || strtolower( $url ) !== strtolower( $original_url ) ) {
return false;
}
$parsed_url = parse_url( $url );
if ( ! $parsed_url || empty( $parsed_url['host'] ) ) {
return false;
}
if ( isset( $parsed_url['user'] ) || isset( $parsed_url['pass'] ) ) {
return false;
}
if ( false !== strpbrk( $parsed_url['host'], ':#?[]' ) ) {
return false;
}
$parsed_home = parse_url( get_option( 'home' ) );
$same_host = isset( $parsed_home['host'] ) && strtolower( $parsed_home['host'] ) === strtolower( $parsed_url['host'] );
$host = trim( $parsed_url['host'], '.' );
if ( ! $same_host ) {
if ( preg_match( '#^(([1-9]?\d|1\d\d|25[0-5]|2[0-4]\d)\.){3}([1-9]?\d|1\d\d|25[0-5]|2[0-4]\d)$#', $host ) ) {
$ip = $host;
} else {
$ip = gethostbyname( $host );
if ( $ip === $host ) { // Error condition for gethostbyname().
return false;
}
}
if ( $ip ) {
$parts = array_map( 'intval', explode( '.', $ip ) );
if ( 127 === $parts[0] || 10 === $parts[0] || 0 === $parts[0]
|| ( 172 === $parts[0] && 16 <= $parts[1] && 31 >= $parts[1] )
|| ( 192 === $parts[0] && 168 === $parts[1] )
) {
// If host appears local, reject unless specifically allowed.
/**
* Checks if HTTP request is external or not.
*
* Allows to change and allow external requests for the HTTP request.
*
* @since 3.6.0
*
* @param bool $external Whether HTTP request is external or not.
* @param string $host Host name of the requested URL.
* @param string $url Requested URL.
*/
if ( ! apply_filters( 'http_request_host_is_external', false, $host, $url ) ) {
return false;
}
}
}
}
if ( empty( $parsed_url['port'] ) ) {
return $url;
}
$port = $parsed_url['port'];
/**
* Controls the list of ports considered safe in HTTP API.
*
* Allows to change and allow external requests for the HTTP request.
*
* @since 5.9.0
*
* @param int[] $allowed_ports Array of integers for valid ports.
* @param string $host Host name of the requested URL.
* @param string $url Requested URL.
*/
$allowed_ports = apply_filters( 'http_allowed_safe_ports', array( 80, 443, 8080 ), $host, $url );
if ( is_array( $allowed_ports ) && in_array( $port, $allowed_ports, true ) ) {
return $url;
}
if ( $parsed_home && $same_host && isset( $parsed_home['port'] ) && $parsed_home['port'] === $port ) {
return $url;
}
return false;
}
/**
* Marks allowed redirect hosts safe for HTTP requests as well.
*
* Attached to the {@see 'http_request_host_is_external'} filter.
*
* @since 3.6.0
*
* @param bool $is_external
* @param string $host
* @return bool
*/
function allowed_http_request_hosts( $is_external, $host ) {
if ( ! $is_external && wp_validate_redirect( 'http://' . $host ) ) {
$is_external = true;
}
return $is_external;
}
/**
* Adds any domain in a multisite installation for safe HTTP requests to the
* allowed list.
*
* Attached to the {@see 'http_request_host_is_external'} filter.
*
* @since 3.6.0
*
* @global wpdb $wpdb WordPress database abstraction object.
*
* @param bool $is_external
* @param string $host
* @return bool
*/
function ms_allowed_http_request_hosts( $is_external, $host ) {
global $wpdb;
static $queried = array();
if ( $is_external ) {
return $is_external;
}
if ( get_network()->domain === $host ) {
return true;
}
if ( isset( $queried[ $host ] ) ) {
return $queried[ $host ];
}
$queried[ $host ] = (bool) $wpdb->get_var( $wpdb->prepare( "SELECT domain FROM $wpdb->blogs WHERE domain = %s LIMIT 1", $host ) );
return $queried[ $host ];
}
/**
* A wrapper for PHP's parse_url() function that handles consistency in the return values
* across PHP versions.
*
* PHP 5.4.7 expanded parse_url()'s ability to handle non-absolute URLs, including
* schemeless and relative URLs with "://" in the path. This function works around
* those limitations providing a standard output on PHP 5.2~5.4+.
*
* Secondly, across various PHP versions, schemeless URLs containing a ":" in the query
* are being handled inconsistently. This function works around those differences as well.
*
* @since 4.4.0
* @since 4.7.0 The `$component` parameter was added for parity with PHP's `parse_url()`.
*
* @link https://www.php.net/manual/en/function.parse-url.php
*
* @param string $url The URL to parse.
* @param int $component The specific component to retrieve. Use one of the PHP
* predefined constants to specify which one.
* Defaults to -1 (= return all parts as an array).
* @return mixed False on parse failure; Array of URL components on success;
* When a specific component has been requested: null if the component
* doesn't exist in the given URL; a string or - in the case of
* PHP_URL_PORT - integer when it does. See parse_url()'s return values.
*/
function wp_parse_url( $url, $component = -1 ) {
$to_unset = array();
$url = (string) $url;
if ( str_starts_with( $url, '//' ) ) {
$to_unset[] = 'scheme';
$url = 'placeholder:' . $url;
} elseif ( str_starts_with( $url, '/' ) ) {
$to_unset[] = 'scheme';
$to_unset[] = 'host';
$url = 'placeholder://placeholder' . $url;
}
$parts = parse_url( $url );
if ( false === $parts ) {
// Parsing failure.
return $parts;
}
// Remove the placeholder values.
foreach ( $to_unset as $key ) {
unset( $parts[ $key ] );
}
return _get_component_from_parsed_url_array( $parts, $component );
}
/**
* Retrieves a specific component from a parsed URL array.
*
* @internal
*
* @since 4.7.0
* @access private
*
* @link https://www.php.net/manual/en/function.parse-url.php
*
* @param array|false $url_parts The parsed URL. Can be false if the URL failed to parse.
* @param int $component The specific component to retrieve. Use one of the PHP
* predefined constants to specify which one.
* Defaults to -1 (= return all parts as an array).
* @return mixed False on parse failure; Array of URL components on success;
* When a specific component has been requested: null if the component
* doesn't exist in the given URL; a string or - in the case of
* PHP_URL_PORT - integer when it does. See parse_url()'s return values.
*/
function _get_component_from_parsed_url_array( $url_parts, $component = -1 ) {
if ( -1 === $component ) {
return $url_parts;
}
$key = _wp_translate_php_url_constant_to_key( $component );
if ( false !== $key && is_array( $url_parts ) && isset( $url_parts[ $key ] ) ) {
return $url_parts[ $key ];
} else {
return null;
}
}
/**
* Translates a PHP_URL_* constant to the named array keys PHP uses.
*
* @internal
*
* @since 4.7.0
* @access private
*
* @link https://www.php.net/manual/en/url.constants.php
*
* @param int $constant PHP_URL_* constant.
* @return string|false The named key or false.
*/
function _wp_translate_php_url_constant_to_key( $constant ) {
$translation = array(
PHP_URL_SCHEME => 'scheme',
PHP_URL_HOST => 'host',
PHP_URL_PORT => 'port',
PHP_URL_USER => 'user',
PHP_URL_PASS => 'pass',
PHP_URL_PATH => 'path',
PHP_URL_QUERY => 'query',
PHP_URL_FRAGMENT => 'fragment',
);
if ( isset( $translation[ $constant ] ) ) {
return $translation[ $constant ];
} else {
return false;
}
}
SILENT KILLER Tool