Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
[WordPress] Plugin to prevent speed-costly redirects from HTTP to HTTPS for emoji URLs. Requires WordPress 4.2 up to 4.4.1. Emoji URLs have been fixed in WordPress core as of 4.4.2: https://core.trac.wordpress.org/ticket/35376
<?php
/**
* Plugin Name: Emoji Rocket 🚀
* Description: Prevents speed-costly redirects from HTTP to HTTPS for emoji URLs. Requires WordPress 4.2 up to 4.4.1.
* Version: 0.5
* Author: Caspar Hübinger
* Author URI: https://profiles.wordpress.org/glueckpress
* Plugin URI: https://gist.github.com/glueckpress/f949119dbd968917f803
* License: GNU General Public License v3 or later
* License URI: http://www.gnu.org/licenses/gpl-3.0.html
*/
defined( 'ABSPATH' ) or die( 'You know better.' );
/**
* The emoji CDN on s.w.org was added in WordPress 4.2.
* URLs were fixed in 4.4.2, so let’s bail early in case we’re below 4.2, or greater than 4.4.1.
*
* @link https://core.trac.wordpress.org/ticket/31651
* @link https://core.trac.wordpress.org/ticket/35376
*/
if ( version_compare( $GLOBALS['wp_version'], '4.2' ) < 0 || version_compare( $GLOBALS['wp_version'], '4.4.1' ) > 0 )
return;
/**
* Load plugin.
*
* @return void
*/
function emoji_rocket() {
/**
* We only need to proceed if this site is not SSL, because set_url_scheme()
* will only apply https to emoji requests if our local site is SSL, too.
*
* @link http://glck.be/7298/
*/
if ( is_ssl() )
return;
// SSL up and running on s.w.org?
$maybe_remote_ssl = get_transient( 'emoji_rocket__remote_ssl_check' );
/* s.w.org should have SSL enabled.
* However, in case SSL is down for whatever reason, let’s just stop here.
*/
if ( 'nope' === $maybe_remote_ssl )
return;
/* By now we can be sure, our default emoji URL does in fact has SSL,
* so let’s filter all emoji URLs to call them with HTTPS directly.
*/
add_filter( 'emoji_url', 'emoji_rocket__force_https' );
}
add_action( 'plugins_loaded', 'emoji_rocket' );
/**
* Forces HTTPS for emojis URLs requested from their default location on w.org.
*
* @param string $url Default emoji URL
* @return string Emoji URL with forced HTTPS
*/
function emoji_rocket__force_https( $url ) {
/* Checking once more in case URL has been filtered already and is not the
* default one anymore.
*/
if ( 0 !== stripos( $url, 'http://s.w.org/images/core/emoji/72x72/' ) )
return $url;
$url = set_url_scheme( $url, 'https' );
return $url;
}
/**
* Occasional check whether s.w.org’s SSL certificate is still up.
*
* Props @BoiteAWeb for pointing out this should be done on shutdown rather than
* early on plugins_loaded. Also thanks for hints to wp_remote_ utilities!
*
* @return void
*/
function emoji_rocket__maybe_remote_ssl() {
/* We’ll intentionally request our sample via HTTP, because if https is
* available, we will be redirected to HTTPS and will be able to know so by
* checking the head’s location.
* However, let’s do this only once per hour in order to not unnessecarily
* flood w.org with request.
*/
$response = wp_remote_head( 'http://s.w.org/images/core/emoji/72x72/1f44b.png' );
// Location, if set, will present our factual remote HTTPS URL.
$url = wp_remote_retrieve_header( $response, 'location' );
$maybe_remote_ssl = set_transient(
'emoji_rocket__remote_ssl_check',
( 0 === stripos( $url, 'https://' ) ) ? 'yes' : 'nope',
HOUR_IN_SECONDS
);
}
add_action( 'shutdown', 'emoji_rocket__maybe_remote_ssl' );
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.