wp_safe_remote_request( string $url, array $args = array() ): array|WP_Error

Retrieve the raw response from a safe HTTP request.

Description
- See also
Parameters
Return
Source
Related
- Uses
- Used By
Changelog
User Contributed Notes

Description

This function is ideal when the HTTP request is being made to an arbitrary URL. The URL is validated to avoid redirection and request forgery attacks.

Top ↑

Parameters

$url string Required

URL to retrieve.

$args array Optional

Request arguments.
See WP_Http::request() for information on accepted arguments.

More Arguments from WP_Http::request( ... $args )

Array or string of HTTP request arguments.

method string
Request method. Accepts 'GET', 'POST', 'HEAD', 'PUT', 'DELETE', 'TRACE', 'OPTIONS', or 'PATCH'.
Some transports technically allow others, but should not be assumed. Default 'GET'.
timeout float
How long the connection should stay open in seconds. Default 5.
redirection int
Number of allowed redirects. Not supported by all transports.
Default 5.
httpversion string
Version of the HTTP protocol to use. Accepts '1.0' and '1.1'.
Default '1.0'.
user-agent string
User-agent value sent.
Default 'WordPress/' . get_bloginfo( 'version' ) . '; ' . get_bloginfo( 'url' ).
reject_unsafe_urls bool
Whether to pass URLs through wp_http_validate_url() .
Default false.
blocking bool
Whether the calling code requires the result of the request.
If set to false, the request will be sent to the remote server, and processing returned to the calling code immediately, the caller will know if the request succeeded or failed, but will not receive any response from the remote server. Default true.
headers string|array
Array or string of headers to send with the request.
cookies array
List of cookies to send with the request.
body string|array
Body to send with the request. Default null.
compress bool
Whether to compress the $body when sending the request.
Default false.
decompress bool
Whether to decompress a compressed response. If set to false and compressed content is returned in the response anyway, it will need to be separately decompressed. Default true.
sslverify bool
Whether to verify SSL for the request. Default true.
sslcertificates string
Absolute path to an SSL certificate .crt file.
Default ABSPATH . WPINC . '/certificates/ca-bundle.crt'.
stream bool
Whether to stream to a file. If set to true and no filename was given, it will be dropped it in the WP temp dir and its name will be set using the basename of the URL. Default false.
filename string
Filename of the file to write to when streaming. $stream must be set to true. Default null.
limit_response_size int
Size in bytes to limit the response to. Default null.

Default: array()

Top ↑

Return

array|WP_Error The response or WP_Error on failure.

Top ↑

Source

File: wp-includes/http.php. View all references

function wp_safe_remote_request( $url, $args = array() ) {
	$args['reject_unsafe_urls'] = true;
	$http                       = _wp_http_get_object();
	return $http->request( $url, $args );
}

View on Trac View on GitHub

Top ↑

Uses

Uses
Uses	Description
_wp_http_get_object() wp-includes/http.php	Returns the initialized WP_Http Object

Top ↑

Used By

Used By
Used By	Description
WP_Importer::get_page() wp-admin/includes/class-wp-importer.php	Gets URL.
wp_get_http() wp-includes/deprecated.php	Perform a HTTP HEAD or GET request.
WP_SimplePie_File::__construct() wp-includes/class-wp-simplepie-file.php	Constructor.
_fetch_remote_file() wp-includes/rss.php	Retrieve URL headers and content using WP HTTP Request API.