[wp-trac] [WordPress Trac] #26010: SSL via `WP_Http_Curl` breaks on HTTP version mismatch
WordPress Trac
noreply at wordpress.org
Tue Mar 25 23:54:33 UTC 2014
#26010: SSL via `WP_Http_Curl` breaks on HTTP version mismatch
--------------------------+------------------------
Reporter: soulseekah | Owner:
Type: defect (bug) | Status: closed
Priority: normal | Milestone:
Component: HTTP API | Version: 3.7
Severity: minor | Resolution: duplicate
Keywords: | Focuses:
--------------------------+------------------------
Comment (by iandunn):
Replying to [comment:5 dd32]:
> Replying to [comment:3 soulseekah]:
> > And, more importantly, why is WordPress setting `CURLOPT_HTTP_VERSION`
to 1.0? Seems like a non-sane default. Why not let cURL decide, and allow
overrides via the `httpversion` argument as usual, if set?
>
> WP_HTTP is/was a HTTP/1.0 client, it was designed to have a consistent
input/output no matter what transport was used (there used to be 5 of
them). While it now supports HTTP/1.1 mostly, it's still defaulting to 1.0
for nothing other than "all 1.1 servers must support 1.0".
FWIW, [https://www.paypal-
notify.com/eventnotification/event_details?eventId=4283 PayPal is now
requiring HTTP 1.1 requests] on their APIs and returning 403 Forbidden
codes for any 1.0 requests.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/26010#comment:10>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list