WC_HTTPS

WC_HTTPS class.

Defined (1)

The class is defined in the following location(s).

/includes/class-wc-https.php  
  1. class WC_HTTPS { 
  2.  
  3. /** 
  4. * Hook in our HTTPS functions if we're on the frontend. This will ensure any links output to a page (when viewing via HTTPS) are also served over HTTPS. 
  5. */ 
  6. public static function init() { 
  7. if ( 'yes' === get_option( 'woocommerce_force_ssl_checkout' ) && ! is_admin() ) { 
  8. // HTTPS urls with SSL on 
  9. $filters = array( 
  10. 'post_thumbnail_html',  
  11. 'wp_get_attachment_image_attributes',  
  12. 'wp_get_attachment_url',  
  13. 'option_stylesheet_url',  
  14. 'option_template_url',  
  15. 'script_loader_src',  
  16. 'style_loader_src',  
  17. 'template_directory_uri',  
  18. 'stylesheet_directory_uri',  
  19. 'site_url',  
  20. ); 
  21.  
  22. foreach ( $filters as $filter ) { 
  23. add_filter( $filter, array( __CLASS__, 'force_https_url' ), 999 ); 
  24.  
  25. add_filter( 'page_link', array( __CLASS__, 'force_https_page_link' ), 10, 2 ); 
  26. add_action( 'template_redirect', array( __CLASS__, 'force_https_template_redirect' ) ); 
  27.  
  28. if ( 'yes' == get_option( 'woocommerce_unforce_ssl_checkout' ) ) { 
  29. add_action( 'template_redirect', array( __CLASS__, 'unforce_https_template_redirect' ) ); 
  30. add_action( 'http_api_curl', array( __CLASS__, 'http_api_curl' ), 10, 3 ); 
  31.  
  32. /** 
  33. * Force https for urls. 
  34. * @param mixed $content 
  35. * @return string 
  36. */ 
  37. public static function force_https_url( $content ) { 
  38. if ( is_ssl() ) { 
  39. if ( is_array( $content ) ) { 
  40. $content = array_map( 'WC_HTTPS::force_https_url', $content ); 
  41. } else { 
  42. $content = str_replace( 'http:', 'https:', $content ); 
  43. return $content; 
  44.  
  45. /** 
  46. * Force a post link to be SSL if needed. 
  47. * @return string 
  48. */ 
  49. public static function force_https_page_link( $link, $page_id ) { 
  50. if ( in_array( $page_id, array( get_option( 'woocommerce_checkout_page_id' ), get_option( 'woocommerce_myaccount_page_id' ) ) ) ) { 
  51. $link = str_replace( 'http:', 'https:', $link ); 
  52. } elseif ( 'yes' === get_option( 'woocommerce_unforce_ssl_checkout' ) && ! wc_site_is_https() ) { 
  53. $link = str_replace( 'https:', 'http:', $link ); 
  54. return $link; 
  55.  
  56. /** 
  57. * Template redirect - if we end up on a page ensure it has the correct http/https url. 
  58. */ 
  59. public static function force_https_template_redirect() { 
  60. if ( ! is_ssl() && ( is_checkout() || is_account_page() || apply_filters( 'woocommerce_force_ssl_checkout', false ) ) ) { 
  61.  
  62. if ( 0 === strpos( $_SERVER['REQUEST_URI'], 'http' ) ) { 
  63. wp_safe_redirect( preg_replace( '|^http://|', 'https://', $_SERVER['REQUEST_URI'] ) ); 
  64. exit; 
  65. } else { 
  66. wp_safe_redirect( 'https://' . ( ! empty( $_SERVER['HTTP_X_FORWARDED_HOST'] ) ? $_SERVER['HTTP_X_FORWARDED_HOST'] : $_SERVER['HTTP_HOST'] ) . $_SERVER['REQUEST_URI'] ); 
  67. exit; 
  68.  
  69. /** 
  70. * Template redirect - if we end up on a page ensure it has the correct http/https url. 
  71. */ 
  72. public static function unforce_https_template_redirect() { 
  73. if ( function_exists( 'is_customize_preview' ) && is_customize_preview() ) { 
  74. return; 
  75.  
  76. if ( ! wc_site_is_https() && is_ssl() && $_SERVER['REQUEST_URI'] && ! is_checkout() && ! is_ajax() && ! is_account_page() && apply_filters( 'woocommerce_unforce_ssl_checkout', true ) ) { 
  77.  
  78. if ( 0 === strpos( $_SERVER['REQUEST_URI'], 'http' ) ) { 
  79. wp_safe_redirect( preg_replace( '|^https://|', 'http://', $_SERVER['REQUEST_URI'] ) ); 
  80. exit; 
  81. } else { 
  82. wp_safe_redirect( 'http://' . ( ! empty( $_SERVER['HTTP_X_FORWARDED_HOST'] ) ? $_SERVER['HTTP_X_FORWARDED_HOST'] : $_SERVER['HTTP_HOST'] ) . $_SERVER['REQUEST_URI'] ); 
  83. exit; 
  84.  
  85. /** 
  86. * Force posts to PayPal to use TLS v1.2. See: 
  87. * https://core.trac.wordpress.org/ticket/36320 
  88. * https://core.trac.wordpress.org/ticket/34924#comment:13 
  89. * https://www.paypal-knowledge.com/infocenter/index?page=content&widgetview=true&id=FAQ1914&viewlocale=en_US 
  90. */ 
  91. public static function http_api_curl( $handle, $r, $url ) { 
  92. if ( strstr( $url, 'https://' ) && ( strstr( $url, '.paypal.com/nvp' ) || strstr( $url, '.paypal.com/cgi-bin/webscr' ) ) ) { 
  93. curl_setopt( $handle, CURLOPT_SSLVERSION, 6 );