WPScan API: Update x-ratelimit-remaining header functionality

[gudmdharalds]

This pull request will add a special case when parsing rate-limiting headers in case of WPScan API HTTP responses. Such responses made with a token key that provides unlimited HTTP API requests will result in a x-ratelimit-remaining header of negative value in responses from the API. Previously, that would result in an exit with error code, but this pull request adds an exception so that these are handled gracefully.

In addition, this pull request adds a sanity check to the header input, ensuring that the value is numeric.

TODO:

• Update vipgoci_http_api_rate_limits_check() to support negative rate-limit header for WPScan API.
  • Add sanity checking for input.
  • Add test for function.
• Check status of automated tests
• Changelog entry (for VIP) [ Changelog for version 1.3.2 #305 ]

[wpcomvip-vipgoci-bot]

Code analysis identified issues

VIP Code Analysis Bot has identified potential problems in this pull request during automated scanning. We recommend reviewing the issues noted and that they are resolved.

phpcs scanning turned up:

🚫 1 error

---

This bot provides automated PHP linting and PHPCS scanning. For more information about the bot and available customizations, see our documentation.

---

Scan run detail

Software versions vip-go-ci version: 1.3.1 PHP runtime version for vip-go-ci: 8.1.11 PHP runtime for linting: PHP 8.1: 8.1.11 PHP runtime version for PHPCS: 7.4.32 PHPCS version: 3.7.1 PHP runtime version for SVG scanner: 7.4.32 Options file (.vipgoci_options) Options file enabled: true Configurable options: skip-execution skip-draft-prs lint-modified-files-only phpcs phpcs-severity phpcs-sniffs-include phpcs-sniffs-exclude report-no-issues-found review-comments-sort review-comments-include-severity post-generic-pr-support-comments review-comments-sort scan-details-msg-include svg-checks autoapprove autoapprove-php-nonfunctional-changes Options altered: phpcs-severityset to1 phpcs-sniffs-includeset toGeneric.PHP.DisallowShortOpenTag, Squiz.PHP.CommentedOutCode phpcs-sniffs-excludeset toWordPress.Security.EscapeOutput, WordPress.PHP.DevelopmentFunctions, WordPress.WP.AlternativeFunctions, WordPress.PHP.DiscouragedPHPFunctions, WordPress.Files.FileName, Squiz.Commenting.FileComment, Generic.PHP.Syntax skip-draft-prsset to

PHP lint options PHP lint files enabled: true Lint modified files only: true Directories not PHP linted: None SVG configuration SVG scanning enabled: true Auto-approval configuration Auto-approvals enabled: true Non-functional changes auto-approved: true Auto-approved file-types: css csv eot gif gz ico ini jpeg jpg json less map md mdown mo mp4 otf pcss pdf po pot png sass scss styl ttf txt woff woff2 yml

PHPCS configuration PHPCS scanning enabled: true PHPCS severity level: 1 Standard(s) used: PHPCompatibility PHPCompatibilityParagonieRandomCompat PHPCompatibilityParagonieSodiumCompat VariableAnalysis WordPress Runtime set: testVersion 8.1- Custom sniffs included: Generic.PHP.DisallowShortOpenTag Squiz.PHP.CommentedOutCode Custom sniffs excluded: WordPress.Security.EscapeOutput WordPress.PHP.DevelopmentFunctions WordPress.WP.AlternativeFunctions WordPress.PHP.DiscouragedPHPFunctions WordPress.Files.FileName Squiz.Commenting.FileComment Generic.PHP.Syntax Directories not PHPCS scanned: tests/unit WPScan API configuration WPScan API scanning enabled: false

Dismissing review as all inline comments are obsolete by now

[wpcomvip-vipgoci-bot]

No issues were found to report when scanning latest commit (commit-ID: 220870a)

---

This bot provides automated PHP linting and PHPCS scanning. For more information about the bot and available customizations, see our documentation.

---

---

Scan run detail

Software versions vip-go-ci version: 1.3.1 PHP runtime version for vip-go-ci: 8.1.11 PHP runtime for linting: PHP 8.1: 8.1.11 PHP runtime version for PHPCS: 7.4.32 PHPCS version: 3.7.1 PHP runtime version for SVG scanner: 7.4.32 Options file (.vipgoci_options) Options file enabled: true Configurable options: skip-execution skip-draft-prs lint-modified-files-only phpcs phpcs-severity phpcs-sniffs-include phpcs-sniffs-exclude report-no-issues-found review-comments-sort review-comments-include-severity post-generic-pr-support-comments review-comments-sort scan-details-msg-include svg-checks autoapprove autoapprove-php-nonfunctional-changes Options altered: phpcs-severityset to1 phpcs-sniffs-includeset toGeneric.PHP.DisallowShortOpenTag, Squiz.PHP.CommentedOutCode phpcs-sniffs-excludeset toWordPress.Security.EscapeOutput, WordPress.PHP.DevelopmentFunctions, WordPress.WP.AlternativeFunctions, WordPress.PHP.DiscouragedPHPFunctions, WordPress.Files.FileName, Squiz.Commenting.FileComment, Generic.PHP.Syntax skip-draft-prsset to

PHP lint options PHP lint files enabled: true Lint modified files only: true Directories not PHP linted: None SVG configuration SVG scanning enabled: true Auto-approval configuration Auto-approvals enabled: true Non-functional changes auto-approved: true Auto-approved file-types: css csv eot gif gz ico ini jpeg jpg json less map md mdown mo mp4 otf pcss pdf po pot png sass scss styl ttf txt woff woff2 yml

PHPCS configuration PHPCS scanning enabled: true PHPCS severity level: 1 Standard(s) used: PHPCompatibility PHPCompatibilityParagonieRandomCompat PHPCompatibilityParagonieSodiumCompat VariableAnalysis WordPress Runtime set: testVersion 8.1- Custom sniffs included: Generic.PHP.DisallowShortOpenTag Squiz.PHP.CommentedOutCode Custom sniffs excluded: WordPress.Security.EscapeOutput WordPress.PHP.DevelopmentFunctions WordPress.WP.AlternativeFunctions WordPress.PHP.DiscouragedPHPFunctions WordPress.Files.FileName Squiz.Commenting.FileComment Generic.PHP.Syntax Directories not PHPCS scanned: tests/unit WPScan API configuration WPScan API scanning enabled: false