Should remove those fallbacks that using file_get_contents

Question

Should remove those fallbacks that using file_get_contents

Closed this issue 4 years ago · 0 comments

This is not actually going to work:

        $raw_html = wp_remote_retrieve_body( wp_remote_request( $get_uri ) );
        if ( ! $raw_html ) {
            if ( preg_match( '@^https://@', $get_uri ) == 1 ) {
                $options = stream_context_create([
                    'ssl' => [
                        'verify_peer' => false,
                        'verify_peer_name' => false,
                    ]
                ]);
                $raw_html = file_get_contents( $get_uri, false, $options );
            } else {
                $raw_html = file_get_contents( $get_uri, false );
            }

Many hosts block the use of file_get_contents on remote content. This is a security measure that we fully endorse.

The HTTP API you already included is far more reliable. You should remove those fallbacks.