wp_safe_remote_request() – Function | Developer.WordPress.org

Retrieves the raw response from a safe HTTP request.

Description

This function is ideal when the HTTP request is being made to an arbitrary URL. The URL, and every URL it redirects to, are validated with wp_http_validate_url() to avoid Server Side Request Forgery attacks (SSRF).

Parameters

$urlstringrequired: URL to retrieve.
$argsarrayoptional: Request arguments.
See WP_Http::request() for information on accepted arguments.
Default:array()

Return

array|WP_Error The response or WP_Error on failure.
See WP_Http::request() for information on return value.

Source

function wp_safe_remote_request( $url, $args = array() ) {
	$args['reject_unsafe_urls'] = true;
	$http                       = _wp_http_get_object();
	return $http->request( $url, $args );
}

View all references View on Trac View on GitHub

Uses	Description
_wp_http_get_object()`wp-includes/http.php`	Returns the initialized WP_Http Object

Used by	Description
WP_Importer::get_page()`wp-admin/includes/class-wp-importer.php`	Gets URL.
wp_get_http()`wp-includes/deprecated.php`	Perform a HTTP HEAD or GET request.
WP_SimplePie_File::__construct()`wp-includes/class-wp-simplepie-file.php`	Constructor.
_fetch_remote_file()`wp-includes/rss.php`	Retrieve URL headers and content using WP HTTP Request API.

Changelog

Version	Description
3.6.0	Introduced.

wp_safe_remote_request( string $url, array $args = array() ): array|WP_Error

In this article

Description

See also

Parameters

Return

Source

Changelog

User Contributed Notes

wp_safe_remote_request( string $url, array $args = array() ): array|WP_Error

In this article

Description

See also

Parameters

Return

Source

Related

Changelog

User Contributed Notes