W3cubDocs

/WordPress

WP_Http::request( string $url, string|array $args = array() )

Send an HTTP request to a URI.

Description

Please note: The only URI that are supported in the HTTP Transport implementation are the HTTP and HTTPS protocols.

Parameters

$url

(string) (Required) The request URL.

$args

(string|array) (Optional) Array or string of HTTP request arguments.

  • 'method'
    (string) Request method. Accepts 'GET', 'POST', 'HEAD', 'PUT', 'DELETE', 'TRACE', 'OPTIONS', or 'PATCH'. Some transports technically allow others, but should not be assumed. Default 'GET'.
  • 'timeout'
    (float) How long the connection should stay open in seconds. Default 5.
  • 'redirection'
    (int) Number of allowed redirects. Not supported by all transports Default 5.
  • 'httpversion'
    (string) Version of the HTTP protocol to use. Accepts '1.0' and '1.1'. Default '1.0'.
  • 'user-agent'
    (string) User-agent value sent. Default 'WordPress/' . get_bloginfo( 'version' ) . '; ' . get_bloginfo( 'url' ).
  • 'reject_unsafe_urls'
    (bool) Whether to pass URLs through wp_http_validate_url(). Default false.
  • 'blocking'
    (bool) Whether the calling code requires the result of the request. If set to false, the request will be sent to the remote server, and processing returned to the calling code immediately, the caller will know if the request succeeded or failed, but will not receive any response from the remote server. Default true.
  • 'headers'
    (string|array) Array or string of headers to send with the request.
  • 'cookies'
    (array) List of cookies to send with the request.
  • 'body'
    (string|array) Body to send with the request. Default null.
  • 'compress'
    (bool) Whether to compress the $body when sending the request. Default false.
  • 'decompress'
    (bool) Whether to decompress a compressed response. If set to false and compressed content is returned in the response anyway, it will need to be separately decompressed. Default true.
  • 'sslverify'
    (bool) Whether to verify SSL for the request. Default true.
  • 'sslcertificates'
    (string) Absolute path to an SSL certificate .crt file. Default ABSPATH . WPINC . '/certificates/ca-bundle.crt'.
  • 'stream'
    (bool) Whether to stream to a file. If set to true and no filename was given, it will be droped it in the WP temp dir and its name will be set using the basename of the URL. Default false.
  • 'filename'
    (string) Filename of the file to write to when streaming. $stream must be set to true. Default null.
  • 'limit_response_size'
    (int) Size in bytes to limit the response to. Default null.

Default value: array()

Return

(array|WP_Error) Array containing 'headers', 'body', 'response', 'cookies', 'filename'. A WP_Error instance upon error.

Source

File: wp-includes/class-http.php 

public function request( $url, $args = array() ) {
		$defaults = array(
			'method'              => 'GET',
			/**
			 * Filters the timeout value for an HTTP request.
			 *
			 * @since 2.7.0
			 * @since 5.1.0 The `$url` parameter was added.
			 *
			 * @param float  $timeout_value Time in seconds until a request times out. Default 5.
			 * @param string $url           The request URL.
			 */
			'timeout'             => apply_filters( 'http_request_timeout', 5, $url ),
			/**
			 * Filters the number of redirects allowed during an HTTP request.
			 *
			 * @since 2.7.0
			 * @since 5.1.0 The `$url` parameter was added.
			 *
			 * @param int    $redirect_count Number of redirects allowed. Default 5.
			 * @param string $url            The request URL.
			 */
			'redirection'         => apply_filters( 'http_request_redirection_count', 5, $url ),
			/**
			 * Filters the version of the HTTP protocol used in a request.
			 *
			 * @since 2.7.0
			 * @since 5.1.0 The `$url` parameter was added.
			 *
			 * @param string $version Version of HTTP used. Accepts '1.0' and '1.1'. Default '1.0'.
			 * @param string $url     The request URL.
			 */
			'httpversion'         => apply_filters( 'http_request_version', '1.0', $url ),
			/**
			 * Filters the user agent value sent with an HTTP request.
			 *
			 * @since 2.7.0
			 * @since 5.1.0 The `$url` parameter was added.
			 *
			 * @param string $user_agent WordPress user agent string.
			 * @param string $url        The request URL.
			 */
			'user-agent'          => apply_filters( 'http_headers_useragent', 'WordPress/' . get_bloginfo( 'version' ) . '; ' . get_bloginfo( 'url' ), $url ),
			/**
			 * Filters whether to pass URLs through wp_http_validate_url() in an HTTP request.
			 *
			 * @since 3.6.0
			 * @since 5.1.0 The `$url` parameter was added.
			 *
			 * @param bool   $pass_url Whether to pass URLs through wp_http_validate_url(). Default false.
			 * @param string $url      The request URL.
			 */
			'reject_unsafe_urls'  => apply_filters( 'http_request_reject_unsafe_urls', false, $url ),
			'blocking'            => true,
			'headers'             => array(),
			'cookies'             => array(),
			'body'                => null,
			'compress'            => false,
			'decompress'          => true,
			'sslverify'           => true,
			'sslcertificates'     => ABSPATH . WPINC . '/certificates/ca-bundle.crt',
			'stream'              => false,
			'filename'            => null,
			'limit_response_size' => null,
		);

		// Pre-parse for the HEAD checks.
		$args = wp_parse_args( $args );

		// By default, HEAD requests do not cause redirections.
		if ( isset( $args['method'] ) && 'HEAD' === $args['method'] ) {
			$defaults['redirection'] = 0;
		}

		$parsed_args = wp_parse_args( $args, $defaults );
		/**
		 * Filters the arguments used in an HTTP request.
		 *
		 * @since 2.7.0
		 *
		 * @param array  $parsed_args An array of HTTP request arguments.
		 * @param string $url         The request URL.
		 */
		$parsed_args = apply_filters( 'http_request_args', $parsed_args, $url );

		// The transports decrement this, store a copy of the original value for loop purposes.
		if ( ! isset( $parsed_args['_redirection'] ) ) {
			$parsed_args['_redirection'] = $parsed_args['redirection'];
		}

		/**
		 * Filters the preemptive return value of an HTTP request.
		 *
		 * Returning a non-false value from the filter will short-circuit the HTTP request and return
		 * early with that value. A filter should return one of:
		 *
		 *  - An array containing 'headers', 'body', 'response', 'cookies', and 'filename' elements
		 *  - A WP_Error instance
		 *  - boolean false to avoid short-circuiting the response
		 *
		 * Returning any other value may result in unexpected behaviour.
		 *
		 * @since 2.9.0
		 *
		 * @param false|array|WP_Error $preempt     A preemptive return value of an HTTP request. Default false.
		 * @param array                $parsed_args HTTP request arguments.
		 * @param string               $url         The request URL.
		 */
		$pre = apply_filters( 'pre_http_request', false, $parsed_args, $url );

		if ( false !== $pre ) {
			return $pre;
		}

		if ( function_exists( 'wp_kses_bad_protocol' ) ) {
			if ( $parsed_args['reject_unsafe_urls'] ) {
				$url = wp_http_validate_url( $url );
			}
			if ( $url ) {
				$url = wp_kses_bad_protocol( $url, array( 'http', 'https', 'ssl' ) );
			}
		}

		$arrURL = parse_url( $url );

		if ( empty( $url ) || empty( $arrURL['scheme'] ) ) {
			$response = new WP_Error( 'http_request_failed', __( 'A valid URL was not provided.' ) );
			/** This action is documented in wp-includes/class-http.php */
			do_action( 'http_api_debug', $response, 'response', 'Requests', $parsed_args, $url );
			return $response;
		}

		if ( $this->block_request( $url ) ) {
			$response = new WP_Error( 'http_request_not_executed', __( 'User has blocked requests through HTTP.' ) );
			/** This action is documented in wp-includes/class-http.php */
			do_action( 'http_api_debug', $response, 'response', 'Requests', $parsed_args, $url );
			return $response;
		}

		// If we are streaming to a file but no filename was given drop it in the WP temp dir
		// and pick its name using the basename of the $url.
		if ( $parsed_args['stream'] ) {
			if ( empty( $parsed_args['filename'] ) ) {
				$parsed_args['filename'] = get_temp_dir() . basename( $url );
			}

			// Force some settings if we are streaming to a file and check for existence
			// and perms of destination directory.
			$parsed_args['blocking'] = true;
			if ( ! wp_is_writable( dirname( $parsed_args['filename'] ) ) ) {
				$response = new WP_Error( 'http_request_failed', __( 'Destination directory for file streaming does not exist or is not writable.' ) );
				/** This action is documented in wp-includes/class-http.php */
				do_action( 'http_api_debug', $response, 'response', 'Requests', $parsed_args, $url );
				return $response;
			}
		}

		if ( is_null( $parsed_args['headers'] ) ) {
			$parsed_args['headers'] = array();
		}

		// WP allows passing in headers as a string, weirdly.
		if ( ! is_array( $parsed_args['headers'] ) ) {
			$processedHeaders       = WP_Http::processHeaders( $parsed_args['headers'] );
			$parsed_args['headers'] = $processedHeaders['headers'];
		}

		// Setup arguments.
		$headers = $parsed_args['headers'];
		$data    = $parsed_args['body'];
		$type    = $parsed_args['method'];
		$options = array(
			'timeout'   => $parsed_args['timeout'],
			'useragent' => $parsed_args['user-agent'],
			'blocking'  => $parsed_args['blocking'],
			'hooks'     => new WP_HTTP_Requests_Hooks( $url, $parsed_args ),
		);

		// Ensure redirects follow browser behaviour.
		$options['hooks']->register( 'requests.before_redirect', array( get_class(), 'browser_redirect_compatibility' ) );

		// Validate redirected URLs.
		if ( function_exists( 'wp_kses_bad_protocol' ) && $parsed_args['reject_unsafe_urls'] ) {
			$options['hooks']->register( 'requests.before_redirect', array( get_class(), 'validate_redirects' ) );
		}

		if ( $parsed_args['stream'] ) {
			$options['filename'] = $parsed_args['filename'];
		}
		if ( empty( $parsed_args['redirection'] ) ) {
			$options['follow_redirects'] = false;
		} else {
			$options['redirects'] = $parsed_args['redirection'];
		}

		// Use byte limit, if we can.
		if ( isset( $parsed_args['limit_response_size'] ) ) {
			$options['max_bytes'] = $parsed_args['limit_response_size'];
		}

		// If we've got cookies, use and convert them to Requests_Cookie.
		if ( ! empty( $parsed_args['cookies'] ) ) {
			$options['cookies'] = WP_Http::normalize_cookies( $parsed_args['cookies'] );
		}

		// SSL certificate handling.
		if ( ! $parsed_args['sslverify'] ) {
			$options['verify']     = false;
			$options['verifyname'] = false;
		} else {
			$options['verify'] = $parsed_args['sslcertificates'];
		}

		// All non-GET/HEAD requests should put the arguments in the form body.
		if ( 'HEAD' !== $type && 'GET' !== $type ) {
			$options['data_format'] = 'body';
		}

		/**
		 * Filters whether SSL should be verified for non-local requests.
		 *
		 * @since 2.8.0
		 * @since 5.1.0 The `$url` parameter was added.
		 *
		 * @param bool   $ssl_verify Whether to verify the SSL connection. Default true.
		 * @param string $url        The request URL.
		 */
		$options['verify'] = apply_filters( 'https_ssl_verify', $options['verify'], $url );

		// Check for proxies.
		$proxy = new WP_HTTP_Proxy();
		if ( $proxy->is_enabled() && $proxy->send_through_proxy( $url ) ) {
			$options['proxy'] = new Requests_Proxy_HTTP( $proxy->host() . ':' . $proxy->port() );

			if ( $proxy->use_authentication() ) {
				$options['proxy']->use_authentication = true;
				$options['proxy']->user               = $proxy->username();
				$options['proxy']->pass               = $proxy->password();
			}
		}

		// Avoid issues where mbstring.func_overload is enabled.
		mbstring_binary_safe_encoding();

		try {
			$requests_response = Requests::request( $url, $headers, $data, $type, $options );

			// Convert the response into an array.
			$http_response = new WP_HTTP_Requests_Response( $requests_response, $parsed_args['filename'] );
			$response      = $http_response->to_array();

			// Add the original object to the array.
			$response['http_response'] = $http_response;
		} catch ( Requests_Exception $e ) {
			$response = new WP_Error( 'http_request_failed', $e->getMessage() );
		}

		reset_mbstring_encoding();

		/**
		 * Fires after an HTTP API response is received and before the response is returned.
		 *
		 * @since 2.8.0
		 *
		 * @param array|WP_Error $response    HTTP response or WP_Error object.
		 * @param string         $context     Context under which the hook is fired.
		 * @param string         $class       HTTP transport used.
		 * @param array          $parsed_args HTTP request arguments.
		 * @param string         $url         The request URL.
		 */
		do_action( 'http_api_debug', $response, 'response', 'Requests', $parsed_args, $url );
		if ( is_wp_error( $response ) ) {
			return $response;
		}

		if ( ! $parsed_args['blocking'] ) {
			return array(
				'headers'       => array(),
				'body'          => '',
				'response'      => array(
					'code'    => false,
					'message' => false,
				),
				'cookies'       => array(),
				'http_response' => null,
			);
		}

		/**
		 * Filters the HTTP API response immediately before the response is returned.
		 *
		 * @since 2.9.0
		 *
		 * @param array  $response    HTTP response.
		 * @param array  $parsed_args HTTP request arguments.
		 * @param string $url         The request URL.
		 */
		return apply_filters( 'http_response', $response, $parsed_args, $url );
	}

Uses

Uses Description
wp-includes/class-wp-http-requests-hooks.php: WP_HTTP_Requests_Hooks::__construct()

Constructor.
wp-includes/class-requests.php: Requests::request()

Main interface for HTTP requests
wp-includes/Requests/Proxy/HTTP.php: Requests_Proxy_HTTP::__construct()

Constructor
wp-includes/class-wp-http-requests-response.php: WP_HTTP_Requests_Response::__construct()

Constructor.
wp-includes/class-http.php: WP_Http::normalize_cookies()

Normalizes cookies for using in Requests.
wp-includes/l10n.php: __()

Retrieve the translation of $text.
wp-includes/general-template.php: get_bloginfo()

Retrieves information about the current site.
wp-includes/kses.php: wp_kses_bad_protocol()

Sanitizes a string and removed disallowed URL protocols.
wp-includes/class-http.php: WP_Http::block_request()

Determines whether an HTTP API request to the given URL should be blocked.
wp-includes/class-http.php: https_ssl_verify

Filters whether SSL should be verified for non-local requests.
wp-includes/class-http.php: WP_Http::processHeaders()

Transforms header string into an array.
wp-includes/class-http.php: http_headers_useragent

Filters the user agent value sent with an HTTP request.
wp-includes/class-http.php: http_request_reject_unsafe_urls

Filters whether to pass URLs through wp_http_validate_url() in an HTTP request.
wp-includes/class-http.php: http_request_args

Filters the arguments used in an HTTP request.
wp-includes/class-http.php: pre_http_request

Filters the preemptive return value of an HTTP request.
wp-includes/class-http.php: http_api_debug

Fires after an HTTP API response is received and before the response is returned.
wp-includes/class-http.php: http_response

Filters the HTTP API response immediately before the response is returned.
wp-includes/functions.php: reset_mbstring_encoding()

Reset the mbstring internal encoding to a users previously set encoding.
wp-includes/functions.php: mbstring_binary_safe_encoding()

Set the mbstring internal encoding to a binary safe encoding when func_overload is enabled.
wp-includes/class-http.php: http_request_timeout

Filters the timeout value for an HTTP request.
wp-includes/class-http.php: http_request_redirection_count

Filters the number of redirects allowed during an HTTP request.
wp-includes/class-http.php: http_request_version

Filters the version of the HTTP protocol used in a request.
wp-includes/functions.php: wp_parse_args()

Merge user defined arguments into defaults array.
wp-includes/functions.php: get_temp_dir()

Determine a writable directory for temporary files.
wp-includes/functions.php: wp_is_writable()

Determine if a directory is writable.
wp-includes/http.php: wp_http_validate_url()

Validate a URL for safe use in the HTTP API.
wp-includes/plugin.php: apply_filters()

Calls the callback functions that have been added to a filter hook.
wp-includes/plugin.php: do_action()

Execute functions hooked on a specific action hook.
wp-includes/load.php: is_wp_error()

Check whether variable is a WordPress Error.
wp-includes/class-wp-error.php: WP_Error::__construct()

Initialize the error.

Used By

Used By Description
wp-includes/class-http.php: WP_Http::post()

Uses the POST HTTP method.
wp-includes/class-http.php: WP_Http::get()

Uses the GET HTTP method.
wp-includes/class-http.php: WP_Http::head()

Uses the HEAD HTTP method.

Changelog

Version Description
2.7.0 Introduced.

© 2003–2019 WordPress Foundation
Licensed under the GNU GPLv2+ License.
https://developer.wordpress.org/reference/classes/wp_http/request