Photon: Force only Photon URLs to HTTPS #6083
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
aduth
added
[Feature] Photon
|
No unit tests? |
|
Good call, they'd not existed 'til semi-recently. I'll add cases based on testing instructions. |
|
Added unit tests and updated testing instructions accordingly. I also changed behavior to not try to override the scheme of a URL which is already "Photonized". It seems as though we should respect the scheme of the Photon domain*, though I think this might need to be part of a larger set of changes to deprecate the * In other words, I think |
Not quite WordPress recommended convention, but avoiding change where change isn’t intended in branch
|
@aduth The unit tests added seem to have a couple failures in PHP 5.2/5.3 -- test_photon_url_filter_network_path_photonized_http If you need me to, I can dig into what's causing the failures, just let me know. |
|
@georgestephanis I may or may not have time to take a look this week, but I suspect it could be an existing issue with URL parsing related to this PHP Changelog note from 5.4.7:
http://php.net/manual/en/function.parse-url.php#refsect1-function.parse-url-changelog At this line: https://github.com/Automattic/jetpack/blob/df97b9d/functions.photon.php#L101 |
|
I'll put a reminder on it and try to hit it later this week if you don't beat me to it. Alternately, if anyone finds this still open after next week, please hunt me down and beat me with a whisky bottle until I fix it. Then leave the bottle when you're done. |
|
In 2e53352, added |
eliorivero
added
[Status] Ready to Merge
georgestephanis
approved these changes
Jan 31, 2017
dereksmart
pushed a commit
that referenced
this pull request
Feb 2, 2017
* Changelog: move 4.5 changelog to changelog.txt * Changelog: add #5603 * Changelog: add #6242 * Changelog: add #6104 * Changelog: add #6109 * Changelog: add #6118 * Changelog: adf #6122 * Changelog: add #6115 * Changelog: add #6126 * Changelog: add #6131 * Changelog: add #6140 * Testing list: add testing instructions for Widget fixes. * Changelog: add #6142 * Changelog: add #6149 * Changelog: add #6151 * Changelog: add #6153 * Changelog: add #6154 * Changelog: add #6155 * Changelog: add #6158 * Changelog: add #6170 * Changelog: add #6182 * Changelog: add #6183 * Changelog: add #5821 * Changelog: add #5953 * Changelog: add #5988 * Changelog: add #6002 * Changelog: add #6021 * Changelog: add #6038 * Changelog: add #6040 * Changelog: add #6060 * Changelog: add #6068 * Changelog: add #6083 * Changelog: add #6098 * Changelog: add #6186 * Testing list: add Publicize instructions. * Changelog: add #6190 * Changelog: add #6194 * Changelog: add #6230 * Changelog: add #6232 * Changelog: add #6234 * Testing list: add instructions to test Woo JITM. * Testing list: add PHP 7.1 testing. * Testing list: add compat tests for widgets and shortcodes. * Testing list: add wpcom REST API testing. * Missing word in testing list.
dereksmart
pushed a commit
that referenced
this pull request
Feb 2, 2017
* Changelog: move 4.5 changelog to changelog.txt * Changelog: add #5603 * Changelog: add #6242 * Changelog: add #6104 * Changelog: add #6109 * Changelog: add #6118 * Changelog: adf #6122 * Changelog: add #6115 * Changelog: add #6126 * Changelog: add #6131 * Changelog: add #6140 * Testing list: add testing instructions for Widget fixes. * Changelog: add #6142 * Changelog: add #6149 * Changelog: add #6151 * Changelog: add #6153 * Changelog: add #6154 * Changelog: add #6155 * Changelog: add #6158 * Changelog: add #6170 * Changelog: add #6182 * Changelog: add #6183 * Changelog: add #5821 * Changelog: add #5953 * Changelog: add #5988 * Changelog: add #6002 * Changelog: add #6021 * Changelog: add #6038 * Changelog: add #6040 * Changelog: add #6060 * Changelog: add #6068 * Changelog: add #6083 * Changelog: add #6098 * Changelog: add #6186 * Testing list: add Publicize instructions. * Changelog: add #6190 * Changelog: add #6194 * Changelog: add #6230 * Changelog: add #6232 * Changelog: add #6234 * Testing list: add instructions to test Woo JITM. * Testing list: add PHP 7.1 testing. * Testing list: add compat tests for widgets and shortcodes. * Testing list: add wpcom REST API testing. * Missing word in testing list.
samhotchkiss
pushed a commit
that referenced
this pull request
Feb 10, 2017
* update google analytics description (#6250) * Add user tracking for disconnecting site (#6248) * Minor whitespace cleanups * Changelog and Testing list for Jetpack 4.6 (#6245) * Changelog: move 4.5 changelog to changelog.txt * Changelog: add #5603 * Changelog: add #6242 * Changelog: add #6104 * Changelog: add #6109 * Changelog: add #6118 * Changelog: adf #6122 * Changelog: add #6115 * Changelog: add #6126 * Changelog: add #6131 * Changelog: add #6140 * Testing list: add testing instructions for Widget fixes. * Changelog: add #6142 * Changelog: add #6149 * Changelog: add #6151 * Changelog: add #6153 * Changelog: add #6154 * Changelog: add #6155 * Changelog: add #6158 * Changelog: add #6170 * Changelog: add #6182 * Changelog: add #6183 * Changelog: add #5821 * Changelog: add #5953 * Changelog: add #5988 * Changelog: add #6002 * Changelog: add #6021 * Changelog: add #6038 * Changelog: add #6040 * Changelog: add #6060 * Changelog: add #6068 * Changelog: add #6083 * Changelog: add #6098 * Changelog: add #6186 * Testing list: add Publicize instructions. * Changelog: add #6190 * Changelog: add #6194 * Changelog: add #6230 * Changelog: add #6232 * Changelog: add #6234 * Testing list: add instructions to test Woo JITM. * Testing list: add PHP 7.1 testing. * Testing list: add compat tests for widgets and shortcodes. * Testing list: add wpcom REST API testing. * Missing word in testing list. * generate new module headers (#6264) * Tracks: don't track during CI runs * WPCOM MERGE Infinite Scroll (#6246) * VIP: Query errors generated for HoopsHype are caused by the infinite scroll functionality. This filter will allow to use rewrite rules so that the infinity functions can be called by rewrite rules that will be cached by batcache. Merges r120201-wpcom. * Infinite Scroll: only disable in the Customizer when previewing a non-active theme. Fixes #7507 See [115743] #6795 Merges r122634-wpcom. * Infinite Scroll: allow `get_settings` to be filtered at later points than just `__construct`. See #7539. Merges r123819-wpcom. * Infinite Scroll: add translation function to credit line. Merges #2537 Fixes #2528 https://[private link] Merges r132540-wpcom. * Infinite Scroll: fix IS when content includes Curly Quotes (and other non-UTF8 chars) Using wp_json_encode instead of json_encode allowing us to replace invalid chars with HTML entities. Merges #1447 Fixes #1446 props jtsternberg https://[private link] Merges r132541-wpcom. * Infinite Scroll: add check on ob_end_clean for cases where output_buffering is disabled Merges #2545 Props drrobotnik https://[private link] Merges r132542-wpcom. * Infinite Scroll: check that search terms exist before matching against post title. Merges #2128 Fixes #2075 Props cainm https://[private link] Merges r132543-wpcom. * Infinite Scroll: Fatal error when calling protected method from WP_Query Since we already have wp_query() we can use its query_vars['search_terms'] property instead of calling parse_search_terms(). It gets populated on https://github.com/WordPress/WordPress/blob/4.3.1/wp-includes/query.php#L2075 with the same data. Merges #2827 Fixes #2255 Props osiux https://[private link] Merges r132544-wpcom. * Infinite Scroll: Hide infinite-scroll class if the option is disabled The Jetpack support page says that the infinite-scroll class should be used in a theme to hide the navigation links. However, even when disabled in the Reading page, the class is still visible and the CSS is applied just as if the scroll is enabled. This commit adds an option check before filtering the body_class classes. Merges #1208 Props mpeshev https://[private link] Merges r132546-wpcom. * Infinite Scroll: Don't clobber the posts_per_page option if provided Infinite Scroll currently clobbers any passed-in value for posts_per_page if the type is set to click. This commit changes the behavior to match the documentation: https://jetpack.me/support/infinite-scroll/ Merges #2808 Props codebykat https://[private link] Merges r132547-wpcom. * Infinite Scroll: document all filter and action hooks Merges #2852 https://[private link] Merges r132551-wpcom. * Infinite Scroll: favor user set settings over theme settings If user changed their posts_per_page option, use that in Infinite Scroll instead of the value set in theme's IS support declaration. Only true when IS is set to click. Related: r132547 Discussion: https://[private link]#comment-31306 Merges r132764-wpcom. * Infinite Scroll: Merge changes from Jetpack into wpcom Just removing some whitespace so the 2 files are exactly similar and do not trigger the build script anymore. Merges r132787-wpcom. * Infinite Scroll: Make sure the body class gets updated once we are done with IS even when we just click Merges r134572-wpcom. * Remove `target="_blank"` from internal link. Accidentally added by #3600, which was intended to add only to external links. * JSON API: Removes PHP notice when no taxonomy description provided Fixes #4424 * JSON API: Removes PHP notice when no term description provided Fixes: #5943 * Google Analytics: hook tracking code into wp_footer. (#6284) get_footer might not be compatible with every theme out there. * Google Analytics: add HTML comment before the script output. (#6288) * Sync: Return expected response on Jetpack side * GA: Update inactive description to match calypso (#6291) * lodash: import specific function (#6295) * Change Infinite Scroll Google Analytics option label (#6239) * Sync: Fixes an issue where sync_wait_time was immediately overwritten in sync sender (#6281) * Documentation: reorganize current docs and create new ones. (#5985) * Documentation: reorganize current docs and create new ones. - Make contributing less frightening and easier for all potential contributors. - Make our guidelines and requirements clearer. - Surface all data in our contributing guide. - Offer options to contribute to everyone, even if it's not via code. - Outline our release management process, and approach to code reviews and Pull Requests. * Documentation: fix typos, headings, wrong links. * Add PHPCS and ESLint to the development environment documentation. * Docs: include some information about PHP Unit Testing. Fixes #6236 * Docs: add "Development" section. @see #5985 (comment) * update languages (#6302) * Bump version to 4.7-alpha (#6301) * Fix: Use the site_icon id instead of the url (#6303) When $image_url is set to a photon image we are not able to deremine the $image_id. Instead we should use the option that stores the ID instead. This fixes the issue when we show the default image instead of the site icon as the open graph main image. When photon is enabled and the site icon is set. * Add unit test for Publicize (#6018) * Add the accessible-focus library from dops-components to enable keyboard focus styles (#6300) * Use shorter WooCommerce Services MC stat slug. * Track WooCommerce services install as a module activation, not a WPCOM tools event. * Track WooCommerce Services JITM click and activation separately. * Update printThis to v1.9.0 (#6263) * Update to printThis v1.9 Additional options, including: * base tag * preservation of form values * doctype * canvas (experimental) * Additional cleanup * Added jshint * Date update Update date for `wp_enqueue_script` for printThis to prevent caching issues * Add filter for WordPress Posts widget content * Replace esc_html_e with esc_html__. Change the initialization of . * Don't call site_url() twice Instead of calling the function twice, which is a waste, assign the value to a variable and use that value to check whether we're on a tld-less domain or not. * Upgrades yarn lock file and fixes builds for master branch. (#6309) * Fixing a problem with local import. * Running yarn upgrade. * Added the print this library to jshint ignore. * Added a new generated RTL CSS file. * Changelog: update for release (#6280) * Changelog: add release post link. * Improved the changelog for readability and understanding * some minor adjustments were made to wording and to eliminate errors * Fix typos * update SSO changelog entry verbiage * changelogs edits per sdquirk * Adds vscode dir to ignore Visual Studio Code can store per-project settings in a .vscode folder; this updates .gitignore to ignore that, since it shouldn't be checked in. * Follow Widget: load translation files using wpcom language codes. (#5941) * Follow Widget: load translation files using wpcom language codes. Related: #2698 The widget previously used the site's language code to populate the `data-lang` parameter. that parameter is used to grab language files from WordPress.com, and should consequently use a language code that's available on WordPress.com. We consequently use the data available in locales.php to use the `slug` language code instead of `wp_locale` for each language. * Follow Widget / Notes: avoid calling get_locale() twice. It's been called before on the file. @see #5941 (review) * Remove Jetpack_Network::wp_get_sites in favor of core's wp_get_sites (#3405) * Removes Jetpack_Network::wp_get_sites and uses core's wp_get_sites instead. Changes usages of returned array since the one in Jetpack returned an array of objects and the one in core returns an array of arrays. Call to wp_get_sites has offset set to 1 to dismiss the first site since Function in Jetpack excluded the first site as well. * Make strings available for translation. * Use get_sites() instead of deprecated wp_get_sites() * Escape URLs in network admin, even though they are presumed safe * Network: introduce get_current_blog_id() when discarding the main site from sites table * Holiday Snow: remove settings outside of Holiday Snow period (#6298) * Only show holiday snow option 1 week before, through to 1 week after holiday snow period. Always show holiday snow option if custom rules have been set for holiday snow period. * Disable holiday snow option on Jan 4; not Jan 11 * Don't use Initial_State to fetch holiday snow option visibility * Media Summary: improve performance with single page load caching (#5938) * improve Jetpack_Media_Summary performance by caching result for a single pageload * spacing * no need to md5, also set cache to private * Remove unnecessary error_log (#6318) * Improve translatability of plurals and texts with variables (#6307) * Make gettext call plural aware * Add translator comments and convert plural strings * Slideshow: add filter to customize speed of the Slideshow. Suggested in https://wordpress.org/support/topic/gallery-slideshow-settings-editable-somehow * Slideshow: bump js version to bust cache. * Slideshow: use the timeout param instead of speed @see http://jquery.malsup.com/cycle/options.html * Slideshow shortcode: update version number in docblock. * Replace text labels with x and + icons. * Fix bug where wrong xmlrpc url was being sent to Jetpack Debugger (#6321) * Ignore GET parameters when checking an image's original file url matches container href (#6296) * Add email field to Contact Info Widget (#6275) * Add email field to Contact Info Widget * Replace admin email with sample email. Validate email and remove link if it is not * Display nothing when the email check fails * Remove email default value * Remove PHP error on uninstall, by making sure that jetpack includes all the required files (#6320) * Add image caching to jetpack_og_get_image() (#6297) * Add image caching to jetpack_og_get_image() This adds a transient to store the value of the $image_id to "speed up" the function to fix #6017 * Added missing semicolons at EOL on a couple lines * Adding some whitespace per coding standards * upgrade yarn.lock
kraftbj
removed
the
[Status] Ready to Merge
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #6073
Changes proposed in this Pull Request:
This pull request seeks to resolve an issue where providing one's own Photon domain via the
jetpack_photon_domainwould not have its scheme respected and instead forced to HTTPS, regardless of whether the custom domain is capable of supporting it.The changes here force only those URLs we detect to be Photon to HTTPS. Combined with previous changes in 0fa10d4, this should ensure all Photon URLs use HTTPS while still respecting custom domains provided through the filter.
Further, it resolves an issue where if a custom domain is provided for Photon that is already "network_path" and a valid scheme is provided, that scheme should be reflected in the return value.
Testing instructions:
Verify newly added unit tests are passing:
Replace
WP_DEVELOP_DIRwith a path to a checkout of the WordPress develop repository.(See original testing instructions)
cc @danielbachhuber @jeherve