#54803 closed defect (bug) (fixed)
https_ssl_verify filter should be documented as accepting string values too
| Reported by: |
chesio
|
Owned by: |
johnbillion
|
|---|---|---|---|
| Milestone: | 6.2 | Priority: | normal |
| Severity: | normal | Version: | 4.6 |
| Component: | HTTP API | Keywords: | has-patch |
| Focuses: | docs | Cc: |
Description
The https_ssl_verify filter is currently documented to expect and return a boolean value: whether to verify the SSL connection.
In context of WP_Http::request() call, it can be however handled a string value (path to SSL certificate bundle) too: it gets value of sslcertificates argument whenever sslverify argument is true. See lines 355, 359 and 376.
It seems this is a regression introduced in [37428] where Requests library replaced custom implementation.
Sidenote: The same would apply to the "sibling" https_local_ssl_verify filter, but this filter is currently not executed in context of WP_Http::request() call - this seem to be a bug, see #51767.
Change History (5)
This ticket was mentioned in PR #3837 on WordPress/wordpress-develop by @mcaskill.
19 months ago
#1
- Keywords has-patch added
#2
@
19 months ago
I've recently stumbled upon this issue and I've provided a pull request to fix the documentation.
#3
@
19 months ago
- Milestone changed from Awaiting Review to 6.2
- Owner set to johnbillion
- Status changed from new to accepted
The `https_ssl_verify` and `https_local_ssl_verify` filters are currently documented to expect and return a boolean value (whether to verify the SSL connection) and to expect a request URL.
However a string value (path to SSL certificate bundle) is often provided and when a boolean is provided, it is often
falseinstead oftrue.Furthermore, the request URL is often omitted.
See `WP_Site_Health::get_test_rest_availability()` for an example.
Trac ticket: https://core.trac.wordpress.org/ticket/54803