File Editor
Directories:
.. (Back)
ajax
capabilities
endpoints
exceptions
filters
formatter
google_search_console
import
listeners
menu
metabox
notifiers
pages
roles
services
statistics
taxonomy
tracking
views
watchers
Files:
admin-settings-changed-listener.php
ajax.php
class-admin-asset-analysis-worker-location.php
class-admin-asset-dev-server-location.php
class-admin-asset-location.php
class-admin-asset-manager.php
class-admin-asset-seo-location.php
class-admin-editor-specific-replace-vars.php
class-admin-gutenberg-compatibility-notification.php
class-admin-help-panel.php
class-admin-init.php
class-admin-recommended-replace-vars.php
class-admin-user-profile.php
class-admin-utils.php
class-admin.php
class-asset.php
class-bulk-description-editor-list-table.php
class-bulk-editor-list-table.php
class-bulk-title-editor-list-table.php
class-collector.php
class-config.php
class-database-proxy.php
class-export.php
class-expose-shortlinks.php
class-gutenberg-compatibility.php
class-meta-columns.php
class-my-yoast-proxy.php
class-option-tab.php
class-option-tabs-formatter.php
class-option-tabs.php
class-paper-presenter.php
class-plugin-availability.php
class-plugin-conflict.php
class-premium-popup.php
class-premium-upsell-admin-block.php
class-primary-term-admin.php
class-product-upsell-notice.php
class-remote-request.php
class-schema-person-upgrade-notification.php
class-suggested-plugins.php
class-wincher-dashboard-widget.php
class-yoast-columns.php
class-yoast-dashboard-widget.php
class-yoast-form.php
class-yoast-input-validation.php
class-yoast-network-admin.php
class-yoast-network-settings-api.php
class-yoast-notification-center.php
class-yoast-notification.php
class-yoast-notifications.php
class-yoast-plugin-conflict.php
index.php
interface-collection.php
interface-installable.php
Create New File
Create
Edit File: class-my-yoast-proxy.php
<?php /** * WPSEO plugin file. * * @package WPSEO\Admin */ /** * Loads the MyYoast proxy. * * This class registers a proxy page on `admin.php`. Which is reached with the `page=PAGE_IDENTIFIER` parameter. * It will read external files and serves them like they are located locally. */ class WPSEO_MyYoast_Proxy implements WPSEO_WordPress_Integration { /** * The page identifier used in WordPress to register the MyYoast proxy page. * * @var string */ public const PAGE_IDENTIFIER = 'wpseo_myyoast_proxy'; /** * The cache control's max age. Used in the header of a successful proxy response. * * @var int */ public const CACHE_CONTROL_MAX_AGE = DAY_IN_SECONDS; /** * Registers the hooks when the user is on the right page. * * @codeCoverageIgnore * * @return void */ public function register_hooks() { if ( ! $this->is_proxy_page() ) { return; } // Register the page for the proxy. add_action( 'admin_menu', [ $this, 'add_proxy_page' ] ); add_action( 'admin_init', [ $this, 'handle_proxy_page' ] ); } /** * Registers the proxy page. It does not actually add a link to the dashboard. * * @codeCoverageIgnore * * @return void */ public function add_proxy_page() { add_dashboard_page( '', '', 'read', self::PAGE_IDENTIFIER, '' ); } /** * Renders the requested proxy page and exits to prevent the WordPress UI from loading. * * @codeCoverageIgnore * * @return void */ public function handle_proxy_page() { $this->render_proxy_page(); // Prevent the WordPress UI from loading. exit; } /** * Renders the requested proxy page. * * This is separated from the exits to be able to test it. * * @return void */ public function render_proxy_page() { $proxy_options = $this->determine_proxy_options(); if ( $proxy_options === [] ) { // Do not accept any other file than implemented. $this->set_header( 'HTTP/1.0 501 Requested file not implemented' ); return; } // Set the headers before serving the remote file. $this->set_header( 'Content-Type: ' . $proxy_options['content_type'] ); $this->set_header( 'Cache-Control: max-age=' . self::CACHE_CONTROL_MAX_AGE ); try { echo $this->get_remote_url_body( $proxy_options['url'] ); } catch ( Exception $e ) { /* * Reset the file headers because the loading failed. * * Note: Due to supporting PHP 5.2 `header_remove` can not be used here. * Overwrite the headers instead. */ $this->set_header( 'Content-Type: text/plain' ); $this->set_header( 'Cache-Control: max-age=0' ); $this->set_header( 'HTTP/1.0 500 ' . $e->getMessage() ); } } /** * Tries to load the given url via `wp_remote_get`. * * @codeCoverageIgnore * * @param string $url The url to load. * * @return string The body of the response. * * @throws Exception When `wp_remote_get` returned an error. * @throws Exception When the response code is not 200. */ protected function get_remote_url_body( $url ) { $response = wp_remote_get( $url ); if ( $response instanceof WP_Error ) { throw new Exception( 'Unable to retrieve file from MyYoast' ); } if ( wp_remote_retrieve_response_code( $response ) !== 200 ) { throw new Exception( 'Received unexpected response from MyYoast' ); } return wp_remote_retrieve_body( $response ); } /** * Determines the proxy options based on the file and plugin version arguments. * * When the file is known it returns an array like this: * <code> * $array = array( * 'content_type' => 'the content type' * 'url' => 'the url, possibly with the plugin version' * ) * </code> * * @return array Empty for an unknown file. See format above for known files. */ protected function determine_proxy_options() { if ( $this->get_proxy_file() === 'research-webworker' ) { return [ 'content_type' => 'text/javascript; charset=UTF-8', 'url' => 'https://my.yoast.com/api/downloads/file/analysis-worker?plugin_version=' . $this->get_plugin_version(), ]; } return []; } /** * Checks if the current page is the MyYoast proxy page. * * @codeCoverageIgnore * * @return bool True when the page request parameter equals the proxy page. */ protected function is_proxy_page() { // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- Reason: We are not processing form information. $page = isset( $_GET['page'] ) && is_string( $_GET['page'] ) ? sanitize_text_field( wp_unslash( $_GET['page'] ) ) : ''; return $page === self::PAGE_IDENTIFIER; } /** * Returns the proxy file from the HTTP request parameters. * * @codeCoverageIgnore * * @return string The sanitized file request parameter or an empty string if it does not exist. */ protected function get_proxy_file() { // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- Reason: We are not processing form information. if ( isset( $_GET['file'] ) && is_string( $_GET['file'] ) ) { // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- Reason: We are not processing form information. return sanitize_text_field( wp_unslash( $_GET['file'] ) ); } return ''; } /** * Returns the plugin version from the HTTP request parameters. * * @codeCoverageIgnore * * @return string The sanitized plugin_version request parameter or an empty string if it does not exist. */ protected function get_plugin_version() { // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- Reason: We are not processing form information. if ( isset( $_GET['plugin_version'] ) && is_string( $_GET['plugin_version'] ) ) { // phpcs:ignore WordPress.Security.NonceVerification.Recommended -- Reason: We are not processing form information. $plugin_version = sanitize_text_field( wp_unslash( $_GET['plugin_version'] ) ); // Replace slashes to secure against requiring a file from another path. return str_replace( [ '/', '\\' ], '_', $plugin_version ); } return ''; } /** * Sets the HTTP header. * * This is a tiny helper function to enable better testing. * * @codeCoverageIgnore * * @param string $header The header to set. * * @return void */ protected function set_header( $header ) { header( $header ); } }
Save Changes
Rename File
Rename