From 8c12a47a07a1ab262cbd7ddc0d84a0b1cf6d5e7f Mon Sep 17 00:00:00 2001 From: Andy Fragen Date: Thu, 6 Aug 2020 09:19:18 -0700 Subject: [PATCH 01/10] add phpcs ruleset --- phpcs.xml | 40 ++++++++++++++++++++++++++++++++++++++++ plugin.php | 2 +- 2 files changed, 41 insertions(+), 1 deletion(-) create mode 100644 phpcs.xml diff --git a/phpcs.xml b/phpcs.xml new file mode 100644 index 0000000..fb7eea9 --- /dev/null +++ b/phpcs.xml @@ -0,0 +1,40 @@ + + + Ruleset for Updates API Inspector. + + + + + + + + + + + + + + + + + + + 5 + + + + + 0 + + + 0 + + + 0 + + + + + + + diff --git a/plugin.php b/plugin.php index da22173..060b8e4 100644 --- a/plugin.php +++ b/plugin.php @@ -1,4 +1,4 @@ - Date: Thu, 6 Aug 2020 10:07:43 -0700 Subject: [PATCH 02/10] remove exclusion --- phpcs.xml | 1 - plugin.php | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/phpcs.xml b/phpcs.xml index fb7eea9..059d925 100644 --- a/phpcs.xml +++ b/phpcs.xml @@ -11,7 +11,6 @@ - diff --git a/plugin.php b/plugin.php index 060b8e4..da22173 100644 --- a/plugin.php +++ b/plugin.php @@ -1,4 +1,4 @@ - Date: Thu, 6 Aug 2020 10:25:39 -0700 Subject: [PATCH 03/10] remove WordPress-Core rulesets --- phpcs.xml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/phpcs.xml b/phpcs.xml index 059d925..a1c750d 100644 --- a/phpcs.xml +++ b/phpcs.xml @@ -5,10 +5,6 @@ - - - - From 0eee94d5f4c761488272cc1c073618b9e914a15e Mon Sep 17 00:00:00 2001 From: Andy Fragen Date: Thu, 6 Aug 2020 10:26:35 -0700 Subject: [PATCH 04/10] remove commented exclusion --- phpcs.xml | 1 - 1 file changed, 1 deletion(-) diff --git a/phpcs.xml b/phpcs.xml index a1c750d..5579de8 100644 --- a/phpcs.xml +++ b/phpcs.xml @@ -6,7 +6,6 @@ - From d754060655427701349441bedf213cde7409408c Mon Sep 17 00:00:00 2001 From: Andy Fragen Date: Thu, 6 Aug 2020 10:29:01 -0700 Subject: [PATCH 05/10] add back WordPress-Core sniffs --- phpcs.xml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/phpcs.xml b/phpcs.xml index 5579de8..6ea1a0e 100644 --- a/phpcs.xml +++ b/phpcs.xml @@ -5,6 +5,8 @@ + + From 357429d2076f453bdeb51c63d927e31136efa262 Mon Sep 17 00:00:00 2001 From: Andy Fragen Date: Thu, 6 Aug 2020 10:55:08 -0700 Subject: [PATCH 06/10] for the future --- phpcs.xml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/phpcs.xml b/phpcs.xml index 6ea1a0e..febc4bd 100644 --- a/phpcs.xml +++ b/phpcs.xml @@ -5,6 +5,10 @@ + + */vendor/* + */node_modules/* + From b011ecaded4634037252e5271e3bd1b8ee9f318c Mon Sep 17 00:00:00 2001 From: Andy Fragen Date: Thu, 6 Aug 2020 13:24:26 -0700 Subject: [PATCH 07/10] Fix short circuit of HTTP request Fixes https://github.com/pbiron/updates-api-inspector/issues/11 --- plugin.php | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/plugin.php b/plugin.php index da22173..30fd1aa 100644 --- a/plugin.php +++ b/plugin.php @@ -189,6 +189,9 @@ protected function update_check( $type ) { add_action( 'http_api_debug', array( $this, 'capture_request_response' ), PHP_INT_MAX, 5 ); add_action( "set_site_transient_{$transient_name}", array( $this, 'capture_transient_as_set' ), PHP_INT_MAX ); + // make sure another plugin isn't short circuiting the filter. + add_filter( 'pre_http_request', array( $this, 'pre_http_request_modify' ), 10, 3 ); + // Query the API. switch ( $type ) { case 'core': @@ -208,10 +211,27 @@ protected function update_check( $type ) { // remove our capture hooks. remove_action( "set_site_transient_{$transient_name}", array( $this, 'capture_transient_as_set' ), PHP_INT_MAX ); remove_action( 'http_api_debug', array( $this, 'capture_request_response' ) ); + remove_filter( 'pre_http_request', array( $this, 'pre_http_request_modify' ) ); return; } + /** + * Fix for plugin's that bypass HTTP requests. + * + * @uses 'pre_http_request' filter. + * + * @param bool $result Default is false, truthy value short circuits the request. + * @param array $args HTTP request args. + * @param string $url HTTP request URL. + * + * @return bool + */ + public function pre_http_request_modify( $result, $args, $url ) { + $result = true === $result ? false : $result; + return $result; + } + /** * Capture the API request and response. * From db54948f72a6f65d22e549217f93578ec3bf15a4 Mon Sep 17 00:00:00 2001 From: Andy Fragen Date: Thu, 6 Aug 2020 13:52:28 -0700 Subject: [PATCH 08/10] typo --- plugin.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugin.php b/plugin.php index 30fd1aa..ce43b3a 100644 --- a/plugin.php +++ b/plugin.php @@ -217,7 +217,7 @@ protected function update_check( $type ) { } /** - * Fix for plugin's that bypass HTTP requests. + * Fix for plugins that bypass HTTP requests. * * @uses 'pre_http_request' filter. * From e69b9b90bf914565989dadced02b4a7673f32e88 Mon Sep 17 00:00:00 2001 From: Andy Fragen Date: Thu, 6 Aug 2020 14:54:07 -0700 Subject: [PATCH 09/10] try something closer remove Revert "Merge branch 'ruleset' into fix-http-request-bypass" This reverts commit ecbb79cf66d41412e103d2faa5cde18ac4d64bee. --- phpcs.xml | 40 ---------------------------------------- plugin.php | 11 +++++++---- 2 files changed, 7 insertions(+), 44 deletions(-) delete mode 100644 phpcs.xml diff --git a/phpcs.xml b/phpcs.xml deleted file mode 100644 index febc4bd..0000000 --- a/phpcs.xml +++ /dev/null @@ -1,40 +0,0 @@ - - - Ruleset for Updates API Inspector. - - - - - - */vendor/* - */node_modules/* - - - - - - - - - - - - 5 - - - - - 0 - - - 0 - - - 0 - - - - - - - diff --git a/plugin.php b/plugin.php index ce43b3a..1f3db33 100644 --- a/plugin.php +++ b/plugin.php @@ -190,7 +190,7 @@ protected function update_check( $type ) { add_action( "set_site_transient_{$transient_name}", array( $this, 'capture_transient_as_set' ), PHP_INT_MAX ); // make sure another plugin isn't short circuiting the filter. - add_filter( 'pre_http_request', array( $this, 'pre_http_request_modify' ), 10, 3 ); + add_filter( 'pre_http_request', array( $this, 'capture_pre_http_request' ), 10, 3 ); // Query the API. switch ( $type ) { @@ -211,7 +211,7 @@ protected function update_check( $type ) { // remove our capture hooks. remove_action( "set_site_transient_{$transient_name}", array( $this, 'capture_transient_as_set' ), PHP_INT_MAX ); remove_action( 'http_api_debug', array( $this, 'capture_request_response' ) ); - remove_filter( 'pre_http_request', array( $this, 'pre_http_request_modify' ) ); + remove_filter( 'pre_http_request', array( $this, 'capture_pre_http_request' ) ); return; } @@ -227,8 +227,11 @@ protected function update_check( $type ) { * * @return bool */ - public function pre_http_request_modify( $result, $args, $url ) { - $result = true === $result ? false : $result; + public function capture_pre_http_request( $result, $args, $url ) { + if ( $result ) { + $this->capture_request_response( $response, 'request', 'Request', $args, $url ); + } + return $result; } From 43a34d851de0c86e8c60bc3e4cb526c8f063a82c Mon Sep 17 00:00:00 2001 From: Andy Fragen Date: Thu, 6 Aug 2020 15:57:42 -0700 Subject: [PATCH 10/10] fix and return WP_Error if some dev really screws it up --- plugin.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/plugin.php b/plugin.php index 1f3db33..f2f03c2 100644 --- a/plugin.php +++ b/plugin.php @@ -229,7 +229,10 @@ protected function update_check( $type ) { */ public function capture_pre_http_request( $result, $args, $url ) { if ( $result ) { - $this->capture_request_response( $response, 'request', 'Request', $args, $url ); + $this->capture_request_response( $result, 'request', 'Request', $args, $url ); + if ( true === $result ) { + return new \WP_Error( 'short-circuit', 'Some developer incorrectly hooked into `pre_http_request` returning true.' ); + } } return $result;