[wp-trac] [WordPress Trac] #37991: fsockopen logic bug
WordPress Trac
noreply at wordpress.org
Thu Sep 8 14:58:31 UTC 2016
#37991: fsockopen logic bug
--------------------------+-----------------------------
Reporter: amandato | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version: 4.6.1
Severity: normal | Keywords:
Focuses: |
--------------------------+-----------------------------
I came across this while debugging a handful of users who had an issue
with our service. Currently the Transport/fsockopen.php library is
including the connection port to the HTTP headers for https, even though
it is using the default port 443.
Referencing the RFC:
{{{
A "host" without any trailing port information implies the default port
for the service requested (e.g., "80" for an HTTP URL).
}}}
Since https has a default port of 443, I would recommend the following
change attached as a patch to the request() function in fsockopen.php
Note: it is possible that the service http is used on port 443, as well as
https on port 80. This is why the logic also checks the 'scheme'.
I've provided a readable patch how this can be written. How it is written
ultimately could change.
Also note that as-is you are not violating the RFC, but also not following
standard practice of leaving the port off when it is the default port for
the service / 'scheme'.
Before WordPress 4.6 the behavior was to not include the port for https
when port 443 is used. I will be submitting a 2nd trac that ties into this
one as well.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/37991>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list