/wp-includes/http.php

  1. <?php 
  2. /** 
  3. * Core HTTP Request API 
  4. * 
  5. * Standardizes the HTTP requests for WordPress. Handles cookies, gzip encoding and decoding, chunk 
  6. * decoding, if HTTP 1.1 and various other difficult HTTP protocol implementations. 
  7. * 
  8. * @package WordPress 
  9. * @subpackage HTTP 
  10. */ 
  11.  
  12. /** 
  13. * Returns the initialized WP_Http Object 
  14. * 
  15. * @since 2.7.0 
  16. * @access private 
  17. * 
  18. * @staticvar WP_Http $http 
  19. * 
  20. * @return WP_Http HTTP Transport object. 
  21. */ 
  22. function _wp_http_get_object() { 
  23. static $http = null; 
  24.  
  25. if ( is_null( $http ) ) { 
  26. $http = new WP_Http(); 
  27. return $http; 
  28.  
  29. /** 
  30. * Retrieve the raw response from a safe HTTP request. 
  31. * 
  32. * This function is ideal when the HTTP request is being made to an arbitrary 
  33. * URL. The URL is validated to avoid redirection and request forgery attacks. 
  34. * 
  35. * @since 3.6.0 
  36. * 
  37. * @see wp_remote_request() For more information on the response array format. 
  38. * @see WP_Http::request() For default arguments information. 
  39. * 
  40. * @param string $url Site URL to retrieve. 
  41. * @param array $args Optional. Request arguments. Default empty array. 
  42. * @return WP_Error|array The response or WP_Error on failure. 
  43. */ 
  44. function wp_safe_remote_request( $url, $args = array() ) { 
  45. $args['reject_unsafe_urls'] = true; 
  46. $http = _wp_http_get_object(); 
  47. return $http->request( $url, $args ); 
  48.  
  49. /** 
  50. * Retrieve the raw response from a safe HTTP request using the GET method. 
  51. * 
  52. * This function is ideal when the HTTP request is being made to an arbitrary 
  53. * URL. The URL is validated to avoid redirection and request forgery attacks. 
  54. * 
  55. * @since 3.6.0 
  56. * 
  57. * @see wp_remote_request() For more information on the response array format. 
  58. * @see WP_Http::request() For default arguments information. 
  59. * 
  60. * @param string $url Site URL to retrieve. 
  61. * @param array $args Optional. Request arguments. Default empty array. 
  62. * @return WP_Error|array The response or WP_Error on failure. 
  63. */ 
  64. function wp_safe_remote_get( $url, $args = array() ) { 
  65. $args['reject_unsafe_urls'] = true; 
  66. $http = _wp_http_get_object(); 
  67. return $http->get( $url, $args ); 
  68.  
  69. /** 
  70. * Retrieve the raw response from a safe HTTP request using the POST method. 
  71. * 
  72. * This function is ideal when the HTTP request is being made to an arbitrary 
  73. * URL. The URL is validated to avoid redirection and request forgery attacks. 
  74. * 
  75. * @since 3.6.0 
  76. * 
  77. * @see wp_remote_request() For more information on the response array format. 
  78. * @see WP_Http::request() For default arguments information. 
  79. * 
  80. * @param string $url Site URL to retrieve. 
  81. * @param array $args Optional. Request arguments. Default empty array. 
  82. * @return WP_Error|array The response or WP_Error on failure. 
  83. */ 
  84. function wp_safe_remote_post( $url, $args = array() ) { 
  85. $args['reject_unsafe_urls'] = true; 
  86. $http = _wp_http_get_object(); 
  87. return $http->post( $url, $args ); 
  88.  
  89. /** 
  90. * Retrieve the raw response from a safe HTTP request using the HEAD method. 
  91. * 
  92. * This function is ideal when the HTTP request is being made to an arbitrary 
  93. * URL. The URL is validated to avoid redirection and request forgery attacks. 
  94. * 
  95. * @since 3.6.0 
  96. * 
  97. * @see wp_remote_request() For more information on the response array format. 
  98. * @see WP_Http::request() For default arguments information. 
  99. * 
  100. * @param string $url Site URL to retrieve. 
  101. * @param array $args Optional. Request arguments. Default empty array. 
  102. * @return WP_Error|array The response or WP_Error on failure. 
  103. */ 
  104. function wp_safe_remote_head( $url, $args = array() ) { 
  105. $args['reject_unsafe_urls'] = true; 
  106. $http = _wp_http_get_object(); 
  107. return $http->head( $url, $args ); 
  108.  
  109. /** 
  110. * Retrieve the raw response from the HTTP request. 
  111. * 
  112. * The array structure is a little complex: 
  113. * 
  114. * $res = array( 
  115. * 'headers' => array(),  
  116. * 'response' => array( 
  117. * 'code' => int,  
  118. * 'message' => string 
  119. * ) 
  120. * ); 
  121. * 
  122. * All of the headers in $res['headers'] are with the name as the key and the 
  123. * value as the value. So to get the User-Agent, you would do the following. 
  124. * 
  125. * $user_agent = $res['headers']['user-agent']; 
  126. * 
  127. * The body is the raw response content and can be retrieved from $res['body']. 
  128. * 
  129. * This function is called first to make the request and there are other API 
  130. * functions to abstract out the above convoluted setup. 
  131. * 
  132. * Request method defaults for helper functions: 
  133. * - Default 'GET' for wp_remote_get() 
  134. * - Default 'POST' for wp_remote_post() 
  135. * - Default 'HEAD' for wp_remote_head() 
  136. * 
  137. * @since 2.7.0 
  138. * 
  139. * @see WP_Http::request() For additional information on default arguments. 
  140. * 
  141. * @param string $url Site URL to retrieve. 
  142. * @param array $args Optional. Request arguments. Default empty array. 
  143. * @return WP_Error|array The response or WP_Error on failure. 
  144. */ 
  145. function wp_remote_request($url, $args = array()) { 
  146. $http = _wp_http_get_object(); 
  147. return $http->request( $url, $args ); 
  148.  
  149. /** 
  150. * Retrieve the raw response from the HTTP request using the GET method. 
  151. * 
  152. * @since 2.7.0 
  153. * 
  154. * @see wp_remote_request() For more information on the response array format. 
  155. * @see WP_Http::request() For default arguments information. 
  156. * 
  157. * @param string $url Site URL to retrieve. 
  158. * @param array $args Optional. Request arguments. Default empty array. 
  159. * @return WP_Error|array The response or WP_Error on failure. 
  160. */ 
  161. function wp_remote_get($url, $args = array()) { 
  162. $http = _wp_http_get_object(); 
  163. return $http->get( $url, $args ); 
  164.  
  165. /** 
  166. * Retrieve the raw response from the HTTP request using the POST method. 
  167. * 
  168. * @since 2.7.0 
  169. * 
  170. * @see wp_remote_request() For more information on the response array format. 
  171. * @see WP_Http::request() For default arguments information. 
  172. * 
  173. * @param string $url Site URL to retrieve. 
  174. * @param array $args Optional. Request arguments. Default empty array. 
  175. * @return WP_Error|array The response or WP_Error on failure. 
  176. */ 
  177. function wp_remote_post($url, $args = array()) { 
  178. $http = _wp_http_get_object(); 
  179. return $http->post( $url, $args ); 
  180.  
  181. /** 
  182. * Retrieve the raw response from the HTTP request using the HEAD method. 
  183. * 
  184. * @since 2.7.0 
  185. * 
  186. * @see wp_remote_request() For more information on the response array format. 
  187. * @see WP_Http::request() For default arguments information. 
  188. * 
  189. * @param string $url Site URL to retrieve. 
  190. * @param array $args Optional. Request arguments. Default empty array. 
  191. * @return WP_Error|array The response or WP_Error on failure. 
  192. */ 
  193. function wp_remote_head($url, $args = array()) { 
  194. $http = _wp_http_get_object(); 
  195. return $http->head( $url, $args ); 
  196.  
  197. /** 
  198. * Retrieve only the headers from the raw response. 
  199. * 
  200. * @since 2.7.0 
  201. * @since 4.6.0 Return value changed from an array to an Requests_Utility_CaseInsensitiveDictionary instance. 
  202. * 
  203. * @see \Requests_Utility_CaseInsensitiveDictionary 
  204. * 
  205. * @param array $response HTTP response. 
  206. * @return array|\Requests_Utility_CaseInsensitiveDictionary The headers of the response. Empty array if incorrect parameter given. 
  207. */ 
  208. function wp_remote_retrieve_headers( $response ) { 
  209. if ( is_wp_error( $response ) || ! isset( $response['headers'] ) ) { 
  210. return array(); 
  211.  
  212. return $response['headers']; 
  213.  
  214. /** 
  215. * Retrieve a single header by name from the raw response. 
  216. * 
  217. * @since 2.7.0 
  218. * 
  219. * @param array $response 
  220. * @param string $header Header name to retrieve value from. 
  221. * @return string The header value. Empty string on if incorrect parameter given, or if the header doesn't exist. 
  222. */ 
  223. function wp_remote_retrieve_header( $response, $header ) { 
  224. if ( is_wp_error( $response ) || ! isset( $response['headers'] ) ) { 
  225. return ''; 
  226.  
  227. if ( isset( $response['headers'][ $header ] ) ) { 
  228. return $response['headers'][$header]; 
  229.  
  230. return ''; 
  231.  
  232. /** 
  233. * Retrieve only the response code from the raw response. 
  234. * 
  235. * Will return an empty array if incorrect parameter value is given. 
  236. * 
  237. * @since 2.7.0 
  238. * 
  239. * @param array $response HTTP response. 
  240. * @return int|string The response code as an integer. Empty string on incorrect parameter given. 
  241. */ 
  242. function wp_remote_retrieve_response_code( $response ) { 
  243. if ( is_wp_error($response) || ! isset($response['response']) || ! is_array($response['response'])) 
  244. return ''; 
  245.  
  246. return $response['response']['code']; 
  247.  
  248. /** 
  249. * Retrieve only the response message from the raw response. 
  250. * 
  251. * Will return an empty array if incorrect parameter value is given. 
  252. * 
  253. * @since 2.7.0 
  254. * 
  255. * @param array $response HTTP response. 
  256. * @return string The response message. Empty string on incorrect parameter given. 
  257. */ 
  258. function wp_remote_retrieve_response_message( $response ) { 
  259. if ( is_wp_error($response) || ! isset($response['response']) || ! is_array($response['response'])) 
  260. return ''; 
  261.  
  262. return $response['response']['message']; 
  263.  
  264. /** 
  265. * Retrieve only the body from the raw response. 
  266. * 
  267. * @since 2.7.0 
  268. * 
  269. * @param array $response HTTP response. 
  270. * @return string The body of the response. Empty string if no body or incorrect parameter given. 
  271. */ 
  272. function wp_remote_retrieve_body( $response ) { 
  273. if ( is_wp_error($response) || ! isset($response['body']) ) 
  274. return ''; 
  275.  
  276. return $response['body']; 
  277.  
  278. /** 
  279. * Retrieve only the cookies from the raw response. 
  280. * 
  281. * @since 4.4.0 
  282. * 
  283. * @param array $response HTTP response. 
  284. * @return array An array of `WP_Http_Cookie` objects from the response. Empty array if there are none, or the response is a WP_Error. 
  285. */ 
  286. function wp_remote_retrieve_cookies( $response ) { 
  287. if ( is_wp_error( $response ) || empty( $response['cookies'] ) ) { 
  288. return array(); 
  289.  
  290. return $response['cookies']; 
  291.  
  292. /** 
  293. * Retrieve a single cookie by name from the raw response. 
  294. * 
  295. * @since 4.4.0 
  296. * 
  297. * @param array $response HTTP response. 
  298. * @param string $name The name of the cookie to retrieve. 
  299. * @return WP_Http_Cookie|string The `WP_Http_Cookie` object. Empty string if the cookie isn't present in the response. 
  300. */ 
  301. function wp_remote_retrieve_cookie( $response, $name ) { 
  302. $cookies = wp_remote_retrieve_cookies( $response ); 
  303.  
  304. if ( empty( $cookies ) ) { 
  305. return ''; 
  306.  
  307. foreach ( $cookies as $cookie ) { 
  308. if ( $cookie->name === $name ) { 
  309. return $cookie; 
  310.  
  311. return ''; 
  312.  
  313. /** 
  314. * Retrieve a single cookie's value by name from the raw response. 
  315. * 
  316. * @since 4.4.0 
  317. * 
  318. * @param array $response HTTP response. 
  319. * @param string $name The name of the cookie to retrieve. 
  320. * @return string The value of the cookie. Empty string if the cookie isn't present in the response. 
  321. */ 
  322. function wp_remote_retrieve_cookie_value( $response, $name ) { 
  323. $cookie = wp_remote_retrieve_cookie( $response, $name ); 
  324.  
  325. if ( ! is_a( $cookie, 'WP_Http_Cookie' ) ) { 
  326. return ''; 
  327.  
  328. return $cookie->value; 
  329.  
  330. /** 
  331. * Determines if there is an HTTP Transport that can process this request. 
  332. * 
  333. * @since 3.2.0 
  334. * 
  335. * @param array $capabilities Array of capabilities to test or a wp_remote_request() $args array. 
  336. * @param string $url Optional. If given, will check if the URL requires SSL and adds 
  337. * that requirement to the capabilities array. 
  338. * 
  339. * @return bool 
  340. */ 
  341. function wp_http_supports( $capabilities = array(), $url = null ) { 
  342. $http = _wp_http_get_object(); 
  343.  
  344. $capabilities = wp_parse_args( $capabilities ); 
  345.  
  346. $count = count( $capabilities ); 
  347.  
  348. // If we have a numeric $capabilities array, spoof a wp_remote_request() associative $args array 
  349. if ( $count && count( array_filter( array_keys( $capabilities ), 'is_numeric' ) ) == $count ) { 
  350. $capabilities = array_combine( array_values( $capabilities ), array_fill( 0, $count, true ) ); 
  351.  
  352. if ( $url && !isset( $capabilities['ssl'] ) ) { 
  353. $scheme = parse_url( $url, PHP_URL_SCHEME ); 
  354. if ( 'https' == $scheme || 'ssl' == $scheme ) { 
  355. $capabilities['ssl'] = true; 
  356.  
  357. return (bool) $http->_get_first_available_transport( $capabilities ); 
  358.  
  359. /** 
  360. * Get the HTTP Origin of the current request. 
  361. * 
  362. * @since 3.4.0 
  363. * 
  364. * @return string URL of the origin. Empty string if no origin. 
  365. */ 
  366. function get_http_origin() { 
  367. $origin = ''; 
  368. if ( ! empty ( $_SERVER[ 'HTTP_ORIGIN' ] ) ) 
  369. $origin = $_SERVER[ 'HTTP_ORIGIN' ]; 
  370.  
  371. /** 
  372. * Change the origin of an HTTP request. 
  373. * 
  374. * @since 3.4.0 
  375. * 
  376. * @param string $origin The original origin for the request. 
  377. */ 
  378. return apply_filters( 'http_origin', $origin ); 
  379.  
  380. /** 
  381. * Retrieve list of allowed HTTP origins. 
  382. * 
  383. * @since 3.4.0 
  384. * 
  385. * @return array Array of origin URLs. 
  386. */ 
  387. function get_allowed_http_origins() { 
  388. $admin_origin = parse_url( admin_url() ); 
  389. $home_origin = parse_url( home_url() ); 
  390.  
  391. // @todo preserve port? 
  392. $allowed_origins = array_unique( array( 
  393. 'http://' . $admin_origin[ 'host' ],  
  394. 'https://' . $admin_origin[ 'host' ],  
  395. 'http://' . $home_origin[ 'host' ],  
  396. 'https://' . $home_origin[ 'host' ],  
  397. ) ); 
  398.  
  399. /** 
  400. * Change the origin types allowed for HTTP requests. 
  401. * 
  402. * @since 3.4.0 
  403. * 
  404. * @param array $allowed_origins { 
  405. * Default allowed HTTP origins. 
  406. * @type string Non-secure URL for admin origin. 
  407. * @type string Secure URL for admin origin. 
  408. * @type string Non-secure URL for home origin. 
  409. * @type string Secure URL for home origin. 
  410. * } 
  411. */ 
  412. return apply_filters( 'allowed_http_origins' , $allowed_origins ); 
  413.  
  414. /** 
  415. * Determines if the HTTP origin is an authorized one. 
  416. * 
  417. * @since 3.4.0 
  418. * 
  419. * @param null|string $origin Origin URL. If not provided, the value of get_http_origin() is used. 
  420. * @return string Origin URL if allowed, empty string if not. 
  421. */ 
  422. function is_allowed_http_origin( $origin = null ) { 
  423. $origin_arg = $origin; 
  424.  
  425. if ( null === $origin ) 
  426. $origin = get_http_origin(); 
  427.  
  428. if ( $origin && ! in_array( $origin, get_allowed_http_origins() ) ) 
  429. $origin = ''; 
  430.  
  431. /** 
  432. * Change the allowed HTTP origin result. 
  433. * 
  434. * @since 3.4.0 
  435. * 
  436. * @param string $origin Origin URL if allowed, empty string if not. 
  437. * @param string $origin_arg Original origin string passed into is_allowed_http_origin function. 
  438. */ 
  439. return apply_filters( 'allowed_http_origin', $origin, $origin_arg ); 
  440.  
  441. /** 
  442. * Send Access-Control-Allow-Origin and related headers if the current request 
  443. * is from an allowed origin. 
  444. * 
  445. * If the request is an OPTIONS request, the script exits with either access 
  446. * control headers sent, or a 403 response if the origin is not allowed. For 
  447. * other request methods, you will receive a return value. 
  448. * 
  449. * @since 3.4.0 
  450. * 
  451. * @return string|false Returns the origin URL if headers are sent. Returns false 
  452. * if headers are not sent. 
  453. */ 
  454. function send_origin_headers() { 
  455. $origin = get_http_origin(); 
  456.  
  457. if ( is_allowed_http_origin( $origin ) ) { 
  458. @header( 'Access-Control-Allow-Origin: ' . $origin ); 
  459. @header( 'Access-Control-Allow-Credentials: true' ); 
  460. if ( 'OPTIONS' === $_SERVER['REQUEST_METHOD'] ) 
  461. exit; 
  462. return $origin; 
  463.  
  464. if ( 'OPTIONS' === $_SERVER['REQUEST_METHOD'] ) { 
  465. status_header( 403 ); 
  466. exit; 
  467.  
  468. return false; 
  469.  
  470. /** 
  471. * Validate a URL for safe use in the HTTP API. 
  472. * 
  473. * @since 3.5.2 
  474. * 
  475. * @param string $url 
  476. * @return false|string URL or false on failure. 
  477. */ 
  478. function wp_http_validate_url( $url ) { 
  479. $original_url = $url; 
  480. $url = wp_kses_bad_protocol( $url, array( 'http', 'https' ) ); 
  481. if ( ! $url || strtolower( $url ) !== strtolower( $original_url ) ) 
  482. return false; 
  483.  
  484. $parsed_url = @parse_url( $url ); 
  485. if ( ! $parsed_url || empty( $parsed_url['host'] ) ) 
  486. return false; 
  487.  
  488. if ( isset( $parsed_url['user'] ) || isset( $parsed_url['pass'] ) ) 
  489. return false; 
  490.  
  491. if ( false !== strpbrk( $parsed_url['host'], ':#?[]' ) ) 
  492. return false; 
  493.  
  494. $parsed_home = @parse_url( get_option( 'home' ) ); 
  495.  
  496. if ( isset( $parsed_home['host'] ) ) { 
  497. $same_host = ( strtolower( $parsed_home['host'] ) === strtolower( $parsed_url['host'] ) || 'localhost' === strtolower( $parsed_url['host'] ) ); 
  498. } else { 
  499. $same_host = false; 
  500.  
  501. if ( ! $same_host ) { 
  502. $host = trim( $parsed_url['host'], '.' ); 
  503. if ( preg_match( '#^(([1-9]?\d|1\d\d|25[0-5]|2[0-4]\d)\.) {3}([1-9]?\d|1\d\d|25[0-5]|2[0-4]\d)$#', $host ) ) { 
  504. $ip = $host; 
  505. } else { 
  506. $ip = gethostbyname( $host ); 
  507. if ( $ip === $host ) // Error condition for gethostbyname() 
  508. $ip = false; 
  509. if ( $ip ) { 
  510. $parts = array_map( 'intval', explode( '.', $ip ) ); 
  511. if ( 127 === $parts[0] || 10 === $parts[0] || 0 === $parts[0] 
  512. || ( 172 === $parts[0] && 16 <= $parts[1] && 31 >= $parts[1] ) 
  513. || ( 192 === $parts[0] && 168 === $parts[1] ) 
  514. ) { 
  515. // If host appears local, reject unless specifically allowed. 
  516. /** 
  517. * Check if HTTP request is external or not. 
  518. * 
  519. * Allows to change and allow external requests for the HTTP request. 
  520. * 
  521. * @since 3.6.0 
  522. * 
  523. * @param bool false Whether HTTP request is external or not. 
  524. * @param string $host IP of the requested host. 
  525. * @param string $url URL of the requested host. 
  526. */ 
  527. if ( ! apply_filters( 'http_request_host_is_external', false, $host, $url ) ) 
  528. return false; 
  529.  
  530. if ( empty( $parsed_url['port'] ) ) 
  531. return $url; 
  532.  
  533. $port = $parsed_url['port']; 
  534. if ( 80 === $port || 443 === $port || 8080 === $port ) 
  535. return $url; 
  536.  
  537. if ( $parsed_home && $same_host && isset( $parsed_home['port'] ) && $parsed_home['port'] === $port ) 
  538. return $url; 
  539.  
  540. return false; 
  541.  
  542. /** 
  543. * Whitelists allowed redirect hosts for safe HTTP requests as well. 
  544. * 
  545. * Attached to the {@see 'http_request_host_is_external'} filter. 
  546. * 
  547. * @since 3.6.0 
  548. * 
  549. * @param bool $is_external 
  550. * @param string $host 
  551. * @return bool 
  552. */ 
  553. function allowed_http_request_hosts( $is_external, $host ) { 
  554. if ( ! $is_external && wp_validate_redirect( 'http://' . $host ) ) 
  555. $is_external = true; 
  556. return $is_external; 
  557.  
  558. /** 
  559. * Whitelists any domain in a multisite installation for safe HTTP requests. 
  560. * 
  561. * Attached to the {@see 'http_request_host_is_external'} filter. 
  562. * 
  563. * @since 3.6.0 
  564. * 
  565. * @global wpdb $wpdb WordPress database abstraction object. 
  566. * @staticvar array $queried 
  567. * 
  568. * @param bool $is_external 
  569. * @param string $host 
  570. * @return bool 
  571. */ 
  572. function ms_allowed_http_request_hosts( $is_external, $host ) { 
  573. global $wpdb; 
  574. static $queried = array(); 
  575. if ( $is_external ) 
  576. return $is_external; 
  577. if ( $host === get_network()->domain ) 
  578. return true; 
  579. if ( isset( $queried[ $host ] ) ) 
  580. return $queried[ $host ]; 
  581. $queried[ $host ] = (bool) $wpdb->get_var( $wpdb->prepare( "SELECT domain FROM $wpdb->blogs WHERE domain = %s LIMIT 1", $host ) ); 
  582. return $queried[ $host ]; 
  583.  
  584. /** 
  585. * A wrapper for PHP's parse_url() function that handles consistency in the return 
  586. * values across PHP versions. 
  587. * 
  588. * PHP 5.4.7 expanded parse_url()'s ability to handle non-absolute url's, including 
  589. * schemeless and relative url's with :// in the path. This function works around 
  590. * those limitations providing a standard output on PHP 5.2~5.4+. 
  591. * 
  592. * Secondly, across various PHP versions, schemeless URLs starting containing a ":" 
  593. * in the query are being handled inconsistently. This function works around those 
  594. * differences as well. 
  595. * 
  596. * Error suppression is used as prior to PHP 5.3.3, an E_WARNING would be generated 
  597. * when URL parsing failed. 
  598. * 
  599. * @since 4.4.0 
  600. * @since 4.7.0 The $component parameter was added for parity with PHP's parse_url(). 
  601. * 
  602. * @param string $url The URL to parse. 
  603. * @param int $component The specific component to retrieve. Use one of the PHP 
  604. * predefined constants to specify which one. 
  605. * Defaults to -1 (= return all parts as an array). 
  606. * @see http://php.net/manual/en/function.parse-url.php 
  607. * @return mixed False on parse failure; Array of URL components on success; 
  608. * When a specific component has been requested: null if the component 
  609. * doesn't exist in the given URL; a sting or - in the case of 
  610. * PHP_URL_PORT - integer when it does. See parse_url()'s return values. 
  611. */ 
  612. function wp_parse_url( $url, $component = -1 ) { 
  613. $to_unset = array(); 
  614. $url = strval( $url ); 
  615.  
  616. if ( '//' === substr( $url, 0, 2 ) ) { 
  617. $to_unset[] = 'scheme'; 
  618. $url = 'placeholder:' . $url; 
  619. } elseif ( '/' === substr( $url, 0, 1 ) ) { 
  620. $to_unset[] = 'scheme'; 
  621. $to_unset[] = 'host'; 
  622. $url = 'placeholder://placeholder' . $url; 
  623.  
  624. $parts = @parse_url( $url ); 
  625.  
  626. if ( false === $parts ) { 
  627. // Parsing failure. 
  628. return $parts; 
  629.  
  630. // Remove the placeholder values. 
  631. foreach ( $to_unset as $key ) { 
  632. unset( $parts[ $key ] ); 
  633.  
  634. return _get_component_from_parsed_url_array( $parts, $component ); 
  635.  
  636. /** 
  637. * Retrieve a specific component from a parsed URL array. 
  638. * 
  639. * @internal 
  640. * 
  641. * @since 4.7.0 
  642. * 
  643. * @param array|false $url_parts The parsed URL. Can be false if the URL failed to parse. 
  644. * @param int $component The specific component to retrieve. Use one of the PHP 
  645. * predefined constants to specify which one. 
  646. * Defaults to -1 (= return all parts as an array). 
  647. * @see http://php.net/manual/en/function.parse-url.php 
  648. * @return mixed False on parse failure; Array of URL components on success; 
  649. * When a specific component has been requested: null if the component 
  650. * doesn't exist in the given URL; a sting or - in the case of 
  651. * PHP_URL_PORT - integer when it does. See parse_url()'s return values. 
  652. */ 
  653. function _get_component_from_parsed_url_array( $url_parts, $component = -1 ) { 
  654. if ( -1 === $component ) { 
  655. return $url_parts; 
  656.  
  657. $key = _wp_translate_php_url_constant_to_key( $component ); 
  658. if ( false !== $key && is_array( $url_parts ) && isset( $url_parts[ $key ] ) ) { 
  659. return $url_parts[ $key ]; 
  660. } else { 
  661. return null; 
  662.  
  663. /** 
  664. * Translate a PHP_URL_* constant to the named array keys PHP uses. 
  665. * 
  666. * @internal 
  667. * 
  668. * @since 4.7.0 
  669. * 
  670. * @see http://php.net/manual/en/url.constants.php 
  671. * 
  672. * @param int $constant PHP_URL_* constant. 
  673. * @return string|bool The named key or false. 
  674. */ 
  675. function _wp_translate_php_url_constant_to_key( $constant ) { 
  676. $translation = array( 
  677. PHP_URL_SCHEME => 'scheme',  
  678. PHP_URL_HOST => 'host',  
  679. PHP_URL_PORT => 'port',  
  680. PHP_URL_USER => 'user',  
  681. PHP_URL_PASS => 'pass',  
  682. PHP_URL_PATH => 'path',  
  683. PHP_URL_QUERY => 'query',  
  684. PHP_URL_FRAGMENT => 'fragment',  
  685. ); 
  686.  
  687. if ( isset( $translation[ $constant ] ) ) { 
  688. return $translation[ $constant ]; 
  689. } else { 
  690. return false; 
.