<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" /><style type="text/css"><!--
#msg dl { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fc0 solid; padding: 6px; }
#msg ul, pre { overflow: auto; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<title>[13149] trunk/wp-includes/http.php: Disable Redirection on HEAD requests.</title>
</head>
<body>
<div id="msg">
<dl>
<dt>Revision</dt> <dd><a href="http://trac.wordpress.org/changeset/13149">13149</a></dd>
<dt>Author</dt> <dd>dd32</dd>
<dt>Date</dt> <dd>2010-02-14 10:41:07 +0000 (Sun, 14 Feb 2010)</dd>
</dl>
<h3>Log Message</h3>
<pre>Disable Redirection on HEAD requests. See <a href="http://trac.wordpress.org/ticket/10624">#10624</a></pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkwpincludeshttpphp">trunk/wp-includes/http.php</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkwpincludeshttpphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-includes/http.php (13148 => 13149)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-includes/http.php 2010-02-14 10:39:46 UTC (rev 13148)
+++ trunk/wp-includes/http.php 2010-02-14 10:41:07 UTC (rev 13149)
</span><span class="lines">@@ -748,7 +748,7 @@
</span><span class="cx"> return new WP_Error('http_request_failed', $arrHeaders['response']['code'] . ': ' . $arrHeaders['response']['message']);
</span><span class="cx">
</span><span class="cx"> // If location is found, then assume redirect and redirect to location.
</span><del>- if ( isset($arrHeaders['headers']['location']) ) {
</del><ins>+ if ( 'HEAD' != $r['method'] && isset($arrHeaders['headers']['location']) ) {
</ins><span class="cx"> if ( $r['redirection']-- > 0 ) {
</span><span class="cx"> return $this->request($arrHeaders['headers']['location'], $r);
</span><span class="cx"> } else {
</span><span class="lines">@@ -915,8 +915,10 @@
</span><span class="cx"> if ( ! function_exists('fopen') || (function_exists('ini_get') && true != ini_get('allow_url_fopen')) )
</span><span class="cx"> return false;
</span><span class="cx">
</span><ins>+ if ( isset($args['method']) && 'HEAD' == $args['method'] ) //This transport cannot make a HEAD request
+ return false;
+
</ins><span class="cx"> $use = true;
</span><del>-
</del><span class="cx"> //PHP does not verify SSL certs, We can only make a request via this transports if SSL Verification is turned off.
</span><span class="cx"> $is_ssl = isset($args['ssl']) && $args['ssl'];
</span><span class="cx"> if ( $is_ssl ) {
</span><span class="lines">@@ -1010,6 +1012,7 @@
</span><span class="cx"> 'max_redirects' => $r['redirection'] + 1, // See #11557
</span><span class="cx"> 'protocol_version' => (float) $r['httpversion'],
</span><span class="cx"> 'header' => $strHeaders,
</span><ins>+ 'ignore_errors' => true, // Return non-200 requests.
</ins><span class="cx"> 'timeout' => $r['timeout'],
</span><span class="cx"> 'ssl' => array(
</span><span class="cx"> 'verify_peer' => $ssl_verify,
</span><span class="lines">@@ -1029,7 +1032,10 @@
</span><span class="cx"> $arrContext['http']['header'] .= $proxy->authentication_header() . "\r\n";
</span><span class="cx"> }
</span><span class="cx">
</span><del>- if ( ! is_null($r['body']) && ! empty($r['body'] ) )
</del><ins>+ if ( 'HEAD' == $r['method'] ) // Disable redirects for HEAD requests
+ $arrContext['http']['max_redirects'] = 1;
+
+ if ( ! empty($r['body'] ) )
</ins><span class="cx"> $arrContext['http']['content'] = $r['body'];
</span><span class="cx">
</span><span class="cx"> $context = stream_context_create($arrContext);
</span><span class="lines">@@ -1039,7 +1045,7 @@
</span><span class="cx"> else
</span><span class="cx"> $handle = fopen($url, 'r', false, $context);
</span><span class="cx">
</span><del>- if ( ! $handle)
</del><ins>+ if ( ! $handle )
</ins><span class="cx"> return new WP_Error('http_request_failed', sprintf(__('Could not open handle for fopen() to %s'), $url));
</span><span class="cx">
</span><span class="cx"> $timeout = (int) floor( $r['timeout'] );
</span><span class="lines">@@ -1190,6 +1196,9 @@
</span><span class="cx"> )
</span><span class="cx"> );
</span><span class="cx">
</span><ins>+ if ( HTTP_METH_HEAD == $r['method'] )
+ $options['redirect'] = 0; // Assumption: Docs seem to suggest that this means do not follow. Untested.
+
</ins><span class="cx"> // The HTTP extensions offers really easy proxy support.
</span><span class="cx"> $proxy = new WP_HTTP_Proxy();
</span><span class="cx">
</span><span class="lines">@@ -1358,7 +1367,8 @@
</span><span class="cx"> curl_setopt( $handle, CURLOPT_HEADER, false );
</span><span class="cx">
</span><span class="cx"> // The option doesn't work with safe mode or when open_basedir is set.
</span><del>- if ( !ini_get('safe_mode') && !ini_get('open_basedir') )
</del><ins>+ // Disable HEAD when making HEAD requests.
+ if ( !ini_get('safe_mode') && !ini_get('open_basedir') && 'HEAD' != $r['method'] )
</ins><span class="cx"> curl_setopt( $handle, CURLOPT_FOLLOWLOCATION, true );
</span><span class="cx">
</span><span class="cx"> if ( !empty( $r['headers'] ) ) {
</span><span class="lines">@@ -2165,4 +2175,4 @@
</span><span class="cx"> return $response['body'];
</span><span class="cx"> }
</span><span class="cx">
</span><del>-?>
</del><ins>+?>
</ins><span class="cx">\ No newline at end of file
</span></span></pre>
</div>
</div>
</body>
</html>