<?php
// Stop immediately when this file is requested directly instead of being loaded by WordPress.
defined( 'ABSPATH' ) || exit;
/**
* WC_HTTPS class.
*
* @class WC_HTTPS
* @version 2.2.0
* @package WooCommerce/Classes
* @category Class
* @author WooThemes
*/
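class WC_HTTPS {

	/**
	 * Hook in our HTTPS functions if we're on the frontend. This will ensure any links output to a page (when viewing via HTTPS) are also served over HTTPS.
	 *
	 * The URL filters and template redirects are only registered when the
	 * 'woocommerce_force_ssl_checkout' option is 'yes' and the request is not an
	 * admin request. The cURL hook is registered unconditionally.
	 */
	public static function init() {
		if ( 'yes' === get_option( 'woocommerce_force_ssl_checkout' ) && ! is_admin() ) {
			// HTTPS urls with SSL on
			$filters = array(
				'post_thumbnail_html',
				'wp_get_attachment_image_attributes',
				'wp_get_attachment_url',
				'option_stylesheet_url',
				'option_template_url',
				'script_loader_src',
				'style_loader_src',
				'template_directory_uri',
				'stylesheet_directory_uri',
				'site_url',
			);

			foreach ( $filters as $filter ) {
				add_filter( $filter, array( __CLASS__, 'force_https_url' ), 999 );
			}

			add_filter( 'page_link', array( __CLASS__, 'force_https_page_link' ), 10, 2 );
			add_action( 'template_redirect', array( __CLASS__, 'force_https_template_redirect' ) );

			// Strict comparison, consistent with every other option check in this class.
			if ( 'yes' === get_option( 'woocommerce_unforce_ssl_checkout' ) ) {
				add_action( 'template_redirect', array( __CLASS__, 'unforce_https_template_redirect' ) );
			}
		}

		add_action( 'http_api_curl', array( __CLASS__, 'http_api_curl' ), 10, 3 );
	}

	/**
	 * Force https for urls.
	 *
	 * Nothing is rewritten unless the current request is itself served over SSL.
	 * Every occurrence of "http:" in a string is replaced, not only a leading
	 * scheme, so values that embed several URLs are rewritten throughout.
	 *
	 * @param  mixed $content String, or array whose elements are processed recursively.
	 * @return mixed Same shape as the input; values that are neither string nor array are returned untouched.
	 */
	public static function force_https_url( $content ) {
		if ( ! is_ssl() ) {
			return $content;
		}

		if ( is_array( $content ) ) {
			return array_map( array( __CLASS__, 'force_https_url' ), $content );
		}

		// Leave false/null/numbers alone instead of letting str_replace() coerce them to strings.
		if ( is_string( $content ) ) {
			$content = str_replace( 'http:', 'https:', $content );
		}

		return $content;
	}

	/**
	 * Force a post link to be SSL if needed.
	 *
	 * Links to the checkout and my-account pages are always switched to https.
	 * Any other link is switched back to http when the "unforce" option is on
	 * and the site itself is not an HTTPS site.
	 *
	 * @param string $link
	 * @param int    $page_id
	 *
	 * @return string
	 */
	public static function force_https_page_link( $link, $page_id ) {
		// Options arrive as strings (or false when unset). Normalise to integers and
		// drop empty values so an unset option can never loosely match a page ID of 0.
		$secure_page_ids = array_filter(
			array_map(
				'intval',
				array(
					get_option( 'woocommerce_checkout_page_id' ),
					get_option( 'woocommerce_myaccount_page_id' ),
				)
			)
		);

		if ( in_array( (int) $page_id, $secure_page_ids, true ) ) {
			$link = str_replace( 'http:', 'https:', $link );
		} elseif ( 'yes' === get_option( 'woocommerce_unforce_ssl_checkout' ) && ! wc_site_is_https() ) {
			$link = str_replace( 'https:', 'http:', $link );
		}

		return $link;
	}

	/**
	 * Template redirect - if we end up on a page ensure it has the correct http/https url.
	 *
	 * Sends plain-HTTP requests for checkout and account pages to the same URL
	 * over https. The destination is built from request headers, so it is only
	 * ever handed to wp_safe_redirect(), which rejects hosts that are not
	 * allowed redirect targets.
	 */
	public static function force_https_template_redirect() {
		if ( ! is_ssl() && ( is_checkout() || is_account_page() || apply_filters( 'woocommerce_force_ssl_checkout', false ) ) ) {
			wp_safe_redirect( self::get_request_url_with_scheme( 'https' ) );
			exit;
		}
	}

	/**
	 * Template redirect - if we end up on a page ensure it has the correct http/https url.
	 *
	 * Moves visitors from https back to http on pages that are not checkout,
	 * account or AJAX requests. This is a deliberate downgrade: whatever the
	 * browser sends on the follow-up request, including cookies that are not
	 * flagged Secure, travels in clear text.
	 */
	public static function unforce_https_template_redirect() {
		if ( function_exists( 'is_customize_preview' ) && is_customize_preview() ) {
			return;
		}

		if ( ! wc_site_is_https() && is_ssl() && ! empty( $_SERVER['REQUEST_URI'] ) && ! is_checkout() && ! is_ajax() && ! is_account_page() && apply_filters( 'woocommerce_unforce_ssl_checkout', true ) ) {
			wp_safe_redirect( self::get_request_url_with_scheme( 'http' ) );
			exit;
		}
	}

	/**
	 * Build the URL of the current request under the given scheme.
	 *
	 * The host is taken from the X-Forwarded-Host header when present, otherwise
	 * from the Host header. Both are client-supplied unless a trusted proxy
	 * overwrites them, so the result must only be passed to wp_safe_redirect(),
	 * never to wp_redirect() and never echoed into markup.
	 *
	 * @param  string $scheme Either 'http' or 'https'.
	 * @return string
	 */
	private static function get_request_url_with_scheme( $scheme ) {
		// Read defensively: these keys are absent outside a normal web request.
		$request_uri = isset( $_SERVER['REQUEST_URI'] ) ? $_SERVER['REQUEST_URI'] : '';

		// Absolute-form request target: only the leading scheme is swapped.
		if ( 0 === strpos( $request_uri, 'http' ) ) {
			$old_scheme = ( 'https' === $scheme ) ? 'http' : 'https';

			return preg_replace( '|^' . $old_scheme . '://|', $scheme . '://', $request_uri );
		}

		if ( ! empty( $_SERVER['HTTP_X_FORWARDED_HOST'] ) ) {
			$host = $_SERVER['HTTP_X_FORWARDED_HOST'];
		} elseif ( isset( $_SERVER['HTTP_HOST'] ) ) {
			$host = $_SERVER['HTTP_HOST'];
		} else {
			$host = '';
		}

		return $scheme . '://' . $host . $request_uri;
	}

	/**
	 * Force posts to PayPal to use TLS v1.2. See:
	 * https://core.trac.wordpress.org/ticket/36320
	 * https://core.trac.wordpress.org/ticket/34924#comment:13
	 * https://www.paypal-knowledge.com/infocenter/index?page=content&widgetview=true&id=FAQ1914&viewlocale=en_US
	 *
	 * The URL is parsed and matched on scheme, host suffix and path prefix, so
	 * a URL that merely contains ".paypal.com/nvp" somewhere in its query string
	 * or path does not get the TLS setting applied.
	 *
	 * @param resource $handle cURL handle for the outgoing request.
	 * @param mixed    $r      Request arguments (unused).
	 * @param string   $url    Request URL.
	 */
	public static function http_api_curl( $handle, $r, $url ) {
		$parts = parse_url( $url );

		// parse_url() returns false on a malformed URL; empty() covers that case as well.
		if ( empty( $parts['scheme'] ) || empty( $parts['host'] ) || empty( $parts['path'] ) ) {
			return;
		}

		if ( 'https' !== strtolower( $parts['scheme'] ) ) {
			return;
		}

		// '.paypal.com' is 11 characters long; the leading dot keeps look-alike domains out.
		$is_paypal_host = '.paypal.com' === substr( strtolower( $parts['host'] ), -11 );
		$is_paypal_path = 0 === strpos( $parts['path'], '/nvp' ) || 0 === strpos( $parts['path'], '/cgi-bin/webscr' );

		if ( $is_paypal_host && $is_paypal_path ) {
			// 6 is the value of CURL_SSLVERSION_TLSv1_2; presumably kept as a literal for
			// PHP builds that do not define the constant. Older libcurl treats it as
			// "exactly TLS 1.2", newer releases as a minimum version.
			curl_setopt( $handle, CURLOPT_SSLVERSION, 6 );
		}
	}
}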
// Register the HTTPS filters and actions as soon as this file is loaded.
WC_HTTPS::init();