I develop an application using the woocommerce v3 API.
I want push an image by remote_url.
But I can't upload it to Woocommerce by the Product API update
I found in the code the issue the image is downloaded by wp_safe_remote_get from Wordpress. But this methode think my URL is not safe.
Why is not safe ? Can i add some whitlist system to avoid considere this URL like unsafe ?
分享 The Wordpress code seems to do a same-host check on urls that are fetched using wp_safe_remote_get().
Here's the source: https://github.com/WordPress/WordPress/blob/c73a812109e1a64ecf21b6a198f949c58d1f2674/wp-includes/http.php
The significant part is the wp_http_validate_url function, and in particular lines 524-530, which are here:
$parsed_home = @parse_url( get_option( 'home' ) );
if ( isset( $parsed_home['host'] ) ) {
$same_host = ( strtolower( $parsed_home['host'] ) === strtolower( $parsed_url['host'] ) || 'localhost' === strtolower( $parsed_url['host'] ) );
} else {
$same_host = false;
}
If $same_host is false, the method treats the url as not safe.
There's no whitelist that I can see. You'd probably need to edit the code to use wp_remote_get() if you want to avoid the problem.
UPDATE: the preceding argument is wrong. The code returns the url even if the host is not the same as long as the port is normal.
分享
