%PDF- %PDF-
Direktori : /home/t/r/a/tradesc/www/relax/wp-content/plugins/really-simple-ssl/ |
Current File : /home/t/r/a/tradesc/www/relax/wp-content/plugins/really-simple-ssl/class-mixed-content-fixer.php |
<?php defined('ABSPATH') or die("you do not have access to this page!"); if (!class_exists('rsssl_admin_mixed_content_fixer')) { class rsssl_mixed_content_fixer { private static $_this; public $http_urls = array(); public $mixed_content_fixer = false; public $hide_wordpress_version = false; function __construct() { if (isset(self::$_this)) wp_die(); self::$_this = $this; $this->mixed_content_fixer = is_ssl() && rsssl_get_option('mixed_content_fixer', true ); $this->hide_wordpress_version = rsssl_get_option('hide_wordpress_version' ); if ( !is_admin() && ($this->mixed_content_fixer || $this->hide_wordpress_version )) { $this->handle_output_buffer(); } else if ( is_admin() && is_ssl() && rsssl_get_option("admin_mixed_content_fixer") ) { $this->mixed_content_fixer = true; $this->handle_output_buffer(); } } static function this() { return self::$_this; } /** * * add action hooks at the start and at the end of the WP process. * * @since 2.3 * * @access public * */ public function handle_output_buffer() { /* Do not fix mixed content when call is coming from wp_api or from xmlrpc */ if (defined('JSON_REQUEST') && JSON_REQUEST) return; if (defined('XMLRPC_REQUEST') && XMLRPC_REQUEST) return; $this->build_url_list(); if ( is_admin() ) { add_action("admin_init", array($this, "start_buffer"), 100); add_action("shutdown", array($this, "end_buffer"), 999); } else { if ( rsssl_get_option("switch_mixed_content_fixer_hook") || (defined('RSSSL_CONTENT_FIXER_ON_INIT') && RSSSL_CONTENT_FIXER_ON_INIT)) { add_action("init", array($this, "start_buffer")); } else { add_action("template_redirect", array($this, "start_buffer")); } add_action("shutdown", array($this, "end_buffer"), 999); } } /** * Apply the mixed content fixer. * * @since 2.3 * * @access public * */ public function filter_buffer($buffer) { if ( $this->mixed_content_fixer ) { $buffer = $this->replace_insecure_links($buffer); } return apply_filters("rsssl_fixer_output", $buffer ); } /** * Start buffering the output * * @since 2.0 * * @access public * */ public function start_buffer() { ob_start(array($this, "filter_buffer")); } /** * Flush the output buffer * * @since 2.0 * * @access public * */ public function end_buffer() { if (ob_get_length()) ob_end_flush(); } /** * Creates an array of insecure links that should be https and an array of secure links to replace with * * @since 2.0 * * @access public * */ public function build_url_list() { $home = str_replace("https://", "http://", get_option('home') ); $root = str_replace("://www.", "://", $home); $www = str_replace("://", "://www.", $root); //for the escaped version, we only replace the home_url, not it's www or non www counterpart, as it is most likely not used $escaped_home = str_replace("/", "\/", $home); $this->http_urls = array( $www, $root, $escaped_home, "src='http://", 'src="http://', ); } /** * Just before the page is sent to the visitor's browser, all homeurl links are replaced with https. * * @since 1.0 * * @access public * */ public function replace_insecure_links($str) { //skip if file is xml if ( strpos( $str, "<?xml" ) === 0 ) { return $str; } $search_array = apply_filters('rlrsssl_replace_url_args', $this->http_urls); $ssl_array = str_replace(array("http://", "http:\/\/"), array("https://", "https:\/\/"), $search_array); $str = str_replace($search_array, $ssl_array, $str); //replace all http links except hyperlinks //all tags with src attr are already fixed by str_replace $pattern = array( '/url\([\'"]?\K(http:\/\/)(?=[^)]+)/i', '/<link [^>]*?href=[\'"]\K(http:\/\/)(?=[^\'"]+)/i', '/<meta property="og:image" [^>]*?content=[\'"]\K(http:\/\/)(?=[^\'"]+)/i', '/<form [^>]*?action=[\'"]\K(http:\/\/)(?=[^\'"]+)/i', ); $str = preg_replace($pattern, 'https://', $str); /* handle multiple images in srcset */ $str = preg_replace_callback('/<img[^\>]*[^\>\S]+srcset=[\'"]\K((?:[^"\'\s,]+\s*(?:\s+\d+[wx])(?:,\s*)?)+)["\']/', array($this, 'replace_src_set'), $str); return str_replace("<body", '<body data-rsssl=1', $str); } /** * Helper function * * */ public function replace_src_set($matches) { return str_replace("http://", "https://", $matches[0]); } } }