Changed all requests with wp_remote_* to wp_safe_remote_*

sombodi · Jun 1, 2015 · 9eb3b6d · 9eb3b6d
1 parent c1db266
commit 9eb3b6d
Show file tree

Hide file tree

Showing 11 changed files with 16 additions and 16 deletions.
diff --git a/includes/admin/class-wc-admin-addons.php b/includes/admin/class-wc-admin-addons.php
@@ -24,7 +24,7 @@ public static function output() {
 
 		if ( false === ( $addons = get_transient( 'woocommerce_addons_data' ) ) ) {
 
-			$addons_json = wp_remote_get( 'http://d3t0oesq8995hv.cloudfront.net/woocommerce-addons.json', array( 'user-agent' => 'WooCommerce Addons Page' ) );
+			$addons_json = wp_safe_remote_get( 'http://d3t0oesq8995hv.cloudfront.net/woocommerce-addons.json', array( 'user-agent' => 'WooCommerce Addons Page' ) );
 
 			if ( ! is_wp_error( $addons_json ) ) {
 

diff --git a/includes/admin/class-wc-admin-welcome.php b/includes/admin/class-wc-admin-welcome.php
@@ -404,7 +404,7 @@ public function get_contributors() {
 			return $contributors;
 		}
 
-		$response = wp_remote_get( 'https://api.github.com/repos/woothemes/woocommerce/contributors' );
+		$response = wp_safe_remote_get( 'https://api.github.com/repos/woothemes/woocommerce/contributors' );
 
 		if ( is_wp_error( $response ) || 200 != wp_remote_retrieve_response_code( $response ) ) {
 			return array();

diff --git a/includes/admin/views/html-admin-page-status-report.php b/includes/admin/views/html-admin-page-status-report.php
@@ -218,7 +218,7 @@
 			$posting['wp_remote_post']['name'] = __( 'Remote Post', 'woocommerce');
 			$posting['wp_remote_post']['help'] = '<a href="#" class="help_tip" data-tip="' . esc_attr__( 'PayPal uses this method of communicating when sending back transaction information.', 'woocommerce' ) . '">[?]</a>';
 
-			$response = wp_remote_post( 'https://www.paypal.com/cgi-bin/webscr', array(
+			$response = wp_safe_remote_post( 'https://www.paypal.com/cgi-bin/webscr', array(
 				'timeout'    => 60,
 				'user-agent' => 'WooCommerce/' . WC()->version,
 				'body'       => array(
@@ -242,7 +242,7 @@
 			$posting['wp_remote_get']['name'] = __( 'Remote Get', 'woocommerce');
 			$posting['wp_remote_get']['help'] = '<a href="#" class="help_tip" data-tip="' . esc_attr__( 'WooCommerce plugins may use this method of communication when checking for plugin updates.', 'woocommerce' ) . '">[?]</a>';
 
-			$response = wp_remote_get( 'http://www.woothemes.com/wc-api/product-key-api?request=ping&network=' . ( is_multisite() ? '1' : '0' ) );
+			$response = wp_safe_remote_get( 'http://www.woothemes.com/wc-api/product-key-api?request=ping&network=' . ( is_multisite() ? '1' : '0' ) );
 
 			if ( ! is_wp_error( $response ) && $response['response']['code'] >= 200 && $response['response']['code'] < 300 ) {
 				$posting['wp_remote_get']['success'] = true;
@@ -371,7 +371,7 @@
 				if ( strstr( $dirname, 'woocommerce-' ) ) {
 
 					if ( false === ( $version_data = get_transient( md5( $plugin ) . '_version_data' ) ) ) {
-						$changelog = wp_remote_get( 'http://dzv365zjfbd8v.cloudfront.net/changelogs/' . $dirname . '/changelog.txt' );
+						$changelog = wp_safe_remote_get( 'http://dzv365zjfbd8v.cloudfront.net/changelogs/' . $dirname . '/changelog.txt' );
 						$cl_lines  = explode( "\n", wp_remote_retrieve_body( $changelog ) );
 						if ( ! empty( $cl_lines ) ) {
 							foreach ( $cl_lines as $line_num => $cl_line ) {
@@ -599,7 +599,7 @@
 			$theme_dir = substr( strtolower( str_replace( ' ','', $active_theme->Name ) ), 0, 45 );
 
 			if ( false === ( $theme_version_data = get_transient( $theme_dir . '_version_data' ) ) ) {
-				$theme_changelog = wp_remote_get( 'http://dzv365zjfbd8v.cloudfront.net/changelogs/' . $theme_dir . '/changelog.txt' );
+				$theme_changelog = wp_safe_remote_get( 'http://dzv365zjfbd8v.cloudfront.net/changelogs/' . $theme_dir . '/changelog.txt' );
 				$cl_lines  = explode( "\n", wp_remote_retrieve_body( $theme_changelog ) );
 				if ( ! empty( $cl_lines ) ) {
 					foreach ( $cl_lines as $line_num => $cl_line ) {

diff --git a/includes/api/class-wc-api-products.php b/includes/api/class-wc-api-products.php
@@ -1778,7 +1778,7 @@ public function upload_product_image( $image_url ) {
 		$image_url = str_replace( ' ', '%20', $image_url );
 
 		// Get the file
-		$response = wp_remote_get( $image_url, array(
+		$response = wp_safe_remote_get( $image_url, array(
 			'timeout' => 10
 		) );
 

diff --git a/includes/class-wc-geolocation.php b/includes/class-wc-geolocation.php
@@ -99,7 +99,7 @@ public static function get_external_ip_address() {
 
 			foreach ( $ip_lookup_services_keys as $service_name ) {
 				$service_endpoint = $ip_lookup_services[ $service_name ];
-				$response         = wp_remote_get( $service_endpoint, array( 'timeout' => 2 ) );
+				$response         = wp_safe_remote_get( $service_endpoint, array( 'timeout' => 2 ) );
 
 				if ( ! is_wp_error( $response ) && $response['body'] ) {
 					$external_ip_address = apply_filters( 'woocommerce_geolocation_ip_lookup_api_response', wc_clean( $response['body'] ), $service_name );
@@ -242,7 +242,7 @@ private static function geolocate_via_api( $ip_address ) {
 
 			foreach ( $geoip_services_keys as $service_name ) {
 				$service_endpoint = $geoip_services[ $service_name ];
-				$response         = wp_remote_get( sprintf( $service_endpoint, $ip_address ), array( 'timeout' => 2 ) );
+				$response         = wp_safe_remote_get( sprintf( $service_endpoint, $ip_address ), array( 'timeout' => 2 ) );
 
 				if ( ! is_wp_error( $response ) && $response['body'] ) {
 					switch ( $service_name ) {

diff --git a/includes/class-wc-install.php b/includes/class-wc-install.php
@@ -628,7 +628,7 @@ public static function in_plugin_update_message( $args ) {
 		$transient_name = 'wc_upgrade_notice_' . $args['Version'];
 
 		if ( false === ( $upgrade_notice = get_transient( $transient_name ) ) ) {
-			$response = wp_remote_get( 'https://plugins.svn.wordpress.org/woocommerce/trunk/readme.txt' );
+			$response = wp_safe_remote_get( 'https://plugins.svn.wordpress.org/woocommerce/trunk/readme.txt' );
 
 			if ( ! is_wp_error( $response ) && ! empty( $response['body'] ) ) {
 				$upgrade_notice = self::parse_update_notice( $response['body'] );

diff --git a/includes/class-wc-language-pack-upgrader.php b/includes/class-wc-language-pack-upgrader.php
@@ -109,7 +109,7 @@ public function configure_woocommerce_upgrade_notice() {
 	 * @return bool
 	 */
 	public function check_if_language_pack_exists() {
-		$response = wp_remote_get( $this->get_language_package_uri(), array( 'timeout' => 60 ) );
+		$response = wp_safe_remote_get( $this->get_language_package_uri(), array( 'timeout' => 60 ) );
 
 		if ( ! is_wp_error( $response ) && $response['response']['code'] >= 200 && $response['response']['code'] < 300 ) {
 			return true;
@@ -188,7 +188,7 @@ public function manual_language_update() {
 			}
 
 			// Download the language pack
-			$response = wp_remote_get( $this->get_language_package_uri(), array( 'timeout' => 60 ) );
+			$response = wp_safe_remote_get( $this->get_language_package_uri(), array( 'timeout' => 60 ) );
 			if ( ! is_wp_error( $response ) && $response['response']['code'] >= 200 && $response['response']['code'] < 300 ) {
 				global $wp_filesystem;
 

diff --git a/includes/class-wc-tracker.php b/includes/class-wc-tracker.php
@@ -60,7 +60,7 @@ public static function send_tracking_data( $override = false ) {
 		update_option( 'woocommerce_tracker_last_send', time() );
 
 		$params   = self::get_tracking_data();
-		$response = wp_remote_post( self::$api_url, array(
+		$response = wp_safe_remote_post( self::$api_url, array(
 				'method'      => 'POST',
 				'timeout'     => 45,
 				'redirection' => 5,

diff --git a/includes/gateways/paypal/includes/class-wc-gateway-paypal-ipn-handler.php b/includes/gateways/paypal/includes/class-wc-gateway-paypal-ipn-handler.php
@@ -84,7 +84,7 @@ public function validate_ipn() {
 		);
 
 		// Post back to get a response
-		$response = wp_remote_post( $this->sandbox ? 'https://www.sandbox.paypal.com/cgi-bin/webscr' : 'https://www.paypal.com/cgi-bin/webscr', $params );
+		$response = wp_safe_remote_post( $this->sandbox ? 'https://www.sandbox.paypal.com/cgi-bin/webscr' : 'https://www.paypal.com/cgi-bin/webscr', $params );
 
 		WC_Gateway_Paypal::log( 'IPN Request: ' . print_r( $params, true ) );
 		WC_Gateway_Paypal::log( 'IPN Response: ' . print_r( $response, true ) );

diff --git a/includes/gateways/paypal/includes/class-wc-gateway-paypal-pdt-handler.php b/includes/gateways/paypal/includes/class-wc-gateway-paypal-pdt-handler.php
@@ -42,7 +42,7 @@ protected function validate_transaction( $transaction ) {
 		);
 
 		// Post back to get a response
-		$response = wp_remote_post( $this->sandbox ? 'https://www.sandbox.paypal.com/cgi-bin/webscr' : 'https://www.paypal.com/cgi-bin/webscr', $pdt );
+		$response = wp_safe_remote_post( $this->sandbox ? 'https://www.sandbox.paypal.com/cgi-bin/webscr' : 'https://www.paypal.com/cgi-bin/webscr', $pdt );
 
 		if ( is_wp_error( $response ) || ! strpos( $response['body'], "SUCCESS" ) === 0 ) {
 			return false;

diff --git a/includes/gateways/paypal/includes/class-wc-gateway-paypal-refund.php b/includes/gateways/paypal/includes/class-wc-gateway-paypal-refund.php
@@ -53,7 +53,7 @@ public static function get_request( $order, $amount = null, $reason = '' ) {
 	 * @return array|wp_error The parsed response from paypal, or a WP_Error object
 	 */
 	public static function refund_order( $order, $amount = null, $reason = '', $sandbox = false ) {
-		$response = wp_remote_post(
+		$response = wp_safe_remote_post(
 			$sandbox ? 'https://api-3t.sandbox.paypal.com/nvp' : 'https://api-3t.paypal.com/nvp',
 			array(
 				'method'      => 'POST',