[wp-hackers] stop HTTP requests made behind one's back
Jennifer Hodgdon
yahgrp at poplarware.com
Wed Feb 18 16:23:15 GMT 2009
I took a look at the code, to see if this would be easy/possible. I
looked at the 2.8-bleeding code; not sure about 2.7.x.
Anyway, it looks to me as though there are a bunch of filters like
'use_http_curl_transport', etc., in http.php. If you create a plugin
that returns FALSE for all of these, you would probably make all
outgoing HTTP/HTTPS requests fail without trying to go out and get
data. So you don't have to "rip up" http.php, just disable all its
mechanisms for escaping. [See wp-includes/http.php, functions
WP_Http->_getTransport() and _postTransport()]
That's assuming that all HTTP/HTTPS requests are going through the
code in http.php. I'm not sure whether this is the case or not... ???
It also looks like it would be easy to patch core to do something like
$working_transport = apply_filter( 'working_transport',
$working_transport);
(and similar for blocking transport), after it tries all the
transports it knows about, to allow plugins to define their own
"transport" mechanisms (such as using proxies). Maybe those who care
about such things should work this out and suggest it?
--Jennifer
jidanni at jidanni.org wrote:
> HOW ODD, I said to myself, WordPress seems to make a lot of outbound
> HTTP requests, from the minute you first install it.
[...]
> How is one to install WordPress on a military or intranet where making
> HTTP requests to the Internet is not allowed?
>
> Just rip up wp-includes/http.php? That won't stop other parts of the
> code from then futilely hammering it even more.
--
Jennifer Hodgdon * Poplar ProductivityWare
www.poplarware.com
Drupal/WordPress Sites, Themes, Modules/Plugins
Custom Web Programming, Web Databases
PHP, Perl, MySQL, JavaScript, XML, AJAX
More information about the wp-hackers
mailing list