[Summary view] [Print] [Text view]

   1  <?php
   2  /**
   3   * HTTP API: WP_HTTP_Proxy class
   4   *
   5   * @package WordPress
   6   * @subpackage HTTP
   7   * @since 4.4.0
   8   */
   9  
  10  /**
  11   * Core class used to implement HTTP API proxy support.
  12   *
  13   * There are caveats to proxy support. It requires that defines be made in the wp-config.php file to
  14   * enable proxy support. There are also a few filters that plugins can hook into for some of the
  15   * constants.
  16   *
  17   * Please note that only BASIC authentication is supported by most transports.
  18   * cURL MAY support more methods (such as NTLM authentication) depending on your environment.
  19   *
  20   * The constants are as follows:
  21   * <ol>
  22   * <li>WP_PROXY_HOST - Enable proxy support and host for connecting.</li>
  23   * <li>WP_PROXY_PORT - Proxy port for connection. No default, must be defined.</li>
  24   * <li>WP_PROXY_USERNAME - Proxy username, if it requires authentication.</li>
  25   * <li>WP_PROXY_PASSWORD - Proxy password, if it requires authentication.</li>
  26   * <li>WP_PROXY_BYPASS_HOSTS - Will prevent the hosts in this list from going through the proxy.
  27   * You do not need to have localhost and the site host in this list, because they will not be passed
  28   * through the proxy. The list should be presented in a comma separated list, wildcards using * are supported. Example: *.wordpress.org</li>
  29   * </ol>
  30   *
  31   * An example can be as seen below.
  32   *
  33   *     define('WP_PROXY_HOST', '192.168.84.101');
  34   *     define('WP_PROXY_PORT', '8080');
  35   *     define('WP_PROXY_BYPASS_HOSTS', 'localhost, www.example.com, *.wordpress.org');
  36   *
  37   * @link https://core.trac.wordpress.org/ticket/4011 Proxy support ticket in WordPress.
  38   * @link https://core.trac.wordpress.org/ticket/14636 Allow wildcard domains in WP_PROXY_BYPASS_HOSTS
  39   *
  40   * @since 2.8.0
  41   */
  42  class WP_HTTP_Proxy {
  43  
  44      /**
  45       * Whether proxy connection should be used.
  46       *
  47       * Constants which control this behaviour:
  48       *
  49       * - `WP_PROXY_HOST`
  50       * - `WP_PROXY_PORT`
  51       *
  52       * @since 2.8.0
  53       *
  54       * @return bool
  55       */
  56  	public function is_enabled() {
  57          return defined( 'WP_PROXY_HOST' ) && defined( 'WP_PROXY_PORT' );
  58      }
  59  
  60      /**
  61       * Whether authentication should be used.
  62       *
  63       * Constants which control this behaviour:
  64       *
  65       * - `WP_PROXY_USERNAME`
  66       * - `WP_PROXY_PASSWORD`
  67       *
  68       * @since 2.8.0
  69       *
  70       * @return bool
  71       */
  72  	public function use_authentication() {
  73          return defined( 'WP_PROXY_USERNAME' ) && defined( 'WP_PROXY_PASSWORD' );
  74      }
  75  
  76      /**
  77       * Retrieve the host for the proxy server.
  78       *
  79       * @since 2.8.0
  80       *
  81       * @return string
  82       */
  83  	public function host() {
  84          if ( defined( 'WP_PROXY_HOST' ) ) {
  85              return WP_PROXY_HOST;
  86          }
  87  
  88          return '';
  89      }
  90  
  91      /**
  92       * Retrieve the port for the proxy server.
  93       *
  94       * @since 2.8.0
  95       *
  96       * @return string
  97       */
  98  	public function port() {
  99          if ( defined( 'WP_PROXY_PORT' ) ) {
 100              return WP_PROXY_PORT;
 101          }
 102  
 103          return '';
 104      }
 105  
 106      /**
 107       * Retrieve the username for proxy authentication.
 108       *
 109       * @since 2.8.0
 110       *
 111       * @return string
 112       */
 113  	public function username() {
 114          if ( defined( 'WP_PROXY_USERNAME' ) ) {
 115              return WP_PROXY_USERNAME;
 116          }
 117  
 118          return '';
 119      }
 120  
 121      /**
 122       * Retrieve the password for proxy authentication.
 123       *
 124       * @since 2.8.0
 125       *
 126       * @return string
 127       */
 128  	public function password() {
 129          if ( defined( 'WP_PROXY_PASSWORD' ) ) {
 130              return WP_PROXY_PASSWORD;
 131          }
 132  
 133          return '';
 134      }
 135  
 136      /**
 137       * Retrieve authentication string for proxy authentication.
 138       *
 139       * @since 2.8.0
 140       *
 141       * @return string
 142       */
 143  	public function authentication() {
 144          return $this->username() . ':' . $this->password();
 145      }
 146  
 147      /**
 148       * Retrieve header string for proxy authentication.
 149       *
 150       * @since 2.8.0
 151       *
 152       * @return string
 153       */
 154  	public function authentication_header() {
 155          return 'Proxy-Authorization: Basic ' . base64_encode( $this->authentication() );
 156      }
 157  
 158      /**
 159       * Determines whether the request should be sent through a proxy.
 160       *
 161       * We want to keep localhost and the site URL from being sent through the proxy, because
 162       * some proxies can not handle this. We also have the constant available for defining other
 163       * hosts that won't be sent through the proxy.
 164       *
 165       * @since 2.8.0
 166       *
 167       * @param string $uri URL of the request.
 168       * @return bool Whether to send the request through the proxy.
 169       */
 170  	public function send_through_proxy( $uri ) {
 171          $check = parse_url( $uri );
 172  
 173          // Malformed URL, can not process, but this could mean ssl, so let through anyway.
 174          if ( false === $check ) {
 175              return true;
 176          }
 177  
 178          $home = parse_url( get_option( 'siteurl' ) );
 179  
 180          /**
 181           * Filters whether to preempt sending the request through the proxy.
 182           *
 183           * Returning false will bypass the proxy; returning true will send
 184           * the request through the proxy. Returning null bypasses the filter.
 185           *
 186           * @since 3.5.0
 187           *
 188           * @param bool|null $override Whether to send the request through the proxy. Default null.
 189           * @param string    $uri      URL of the request.
 190           * @param array     $check    Associative array result of parsing the request URL with `parse_url()`.
 191           * @param array     $home     Associative array result of parsing the site URL with `parse_url()`.
 192           */
 193          $result = apply_filters( 'pre_http_send_through_proxy', null, $uri, $check, $home );
 194          if ( ! is_null( $result ) ) {
 195              return $result;
 196          }
 197  
 198          if ( 'localhost' === $check['host'] || ( isset( $home['host'] ) && $home['host'] === $check['host'] ) ) {
 199              return false;
 200          }
 201  
 202          if ( ! defined( 'WP_PROXY_BYPASS_HOSTS' ) ) {
 203              return true;
 204          }
 205  
 206          static $bypass_hosts   = null;
 207          static $wildcard_regex = array();
 208          if ( null === $bypass_hosts ) {
 209              $bypass_hosts = preg_split( '|,\s*|', WP_PROXY_BYPASS_HOSTS );
 210  
 211              if ( false !== strpos( WP_PROXY_BYPASS_HOSTS, '*' ) ) {
 212                  $wildcard_regex = array();
 213                  foreach ( $bypass_hosts as $host ) {
 214                      $wildcard_regex[] = str_replace( '\*', '.+', preg_quote( $host, '/' ) );
 215                  }
 216                  $wildcard_regex = '/^(' . implode( '|', $wildcard_regex ) . ')$/i';
 217              }
 218          }
 219  
 220          if ( ! empty( $wildcard_regex ) ) {
 221              return ! preg_match( $wildcard_regex, $check['host'] );
 222          } else {
 223              return ! in_array( $check['host'], $bypass_hosts, true );
 224          }
 225      }
 226  }