WordPress.org
Get WordPress

Plugin Directory

Changeset 3442401


Ignore:
Timestamp:
01/19/2026 10:15:30 AM (2 months ago)
Author:
Milmor
Message:

Update to version 1.8.3 from GitHub

Location:
anac-xml-viewer
Files:
4 edited
1 copied

Legend:

Unmodified
Added
Removed

  • anac-xml-viewer/tags/1.8.3/anac-xml-viewer.php

    r3412265 r3442401  
    55Description: Visualizzatore XML per file generati da applicativi esterni
    66Author: Marco Milesi
    7 Version: 1.8.2
     7Version: 1.8.3
    88Author URI: https://marcomilesi.com
    99*/
     
    271271    }
    272272
    273     private function is_private_ip( $ip ) {
    274         if ( filter_var( $ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 ) ) {
    275             $long = ip2long($ip);
    276             $ranges = [
    277                 ['0.0.0.0', '0.255.255.255'],
    278                 ['10.0.0.0', '10.255.255.255'],
    279                 ['127.0.0.0', '127.255.255.255'],
    280                 ['169.254.0.0', '169.254.255.255'],
    281                 ['172.16.0.0', '172.31.255.255'],
    282                 ['192.168.0.0', '192.168.255.255']
    283             ];
    284             foreach ( $ranges as $r ) {
    285                 if ( $long >= ip2long($r[0]) && $long <= ip2long($r[1]) ) return true;
    286             }
    287             return false;
    288         }
    289         if ( filter_var( $ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6 ) ) {
    290             if ( strpos($ip, '::1') === 0 ) return true; // localhost
    291             // fc00::/7 unique local, fe80::/10 link-local
    292             if ( strpos($ip, 'fc') === 0 || strpos($ip, 'fd') === 0 ) return true;
    293             if ( strpos($ip, 'fe80') === 0 ) return true;
    294             return false;
    295         }
    296         return true;
    297     }
    298 
    299273    private function fetch_and_load_xml( $url ) {
    300274        if ( ! function_exists('wp_http_validate_url') || ! wp_http_validate_url( $url ) ) return null;
    301         $parts = wp_parse_url( $url );
    302         if ( ! $parts || ! isset($parts['scheme']) || ! in_array( strtolower($parts['scheme']), ['http','https'], true ) ) return null;
    303         if ( empty($parts['host']) ) return null;
    304 
    305         $host = $parts['host'];
    306         $blocked_hosts = [
    307             '169.254.169.254',
    308             'metadata.google.internal'
    309         ];
    310         if ( in_array( strtolower($host), $blocked_hosts, true ) ) return null;
    311 
    312         $resolved = gethostbynamel( $host );
    313         if ( $resolved ) {
    314             foreach ( $resolved as $ip ) {
    315                 if ( $this->is_private_ip( $ip ) ) return null;
    316             }
    317         }
    318275
    319276        $args = [
     
    322279            'headers' => [ 'Accept' => 'application/xml, text/xml; q=0.9, */*; q=0.1' ],
    323280        ];
    324         $response = wp_remote_get( $url, $args );
     281        $response = wp_safe_remote_get( $url, $args );
    325282        if ( is_wp_error( $response ) ) return null;
    326283

  • anac-xml-viewer/tags/1.8.3/readme.txt

    r3412265 r3442401  
    55Requires at least: 4.3
    66Tested up to: 6.9
    7 Version: 1.8.2
    8 Stable tag: 1.8.2
     7Version: 1.8.3
     8Stable tag: 1.8.3
    99License: GPLv2 or later
    1010License URI: http://www.gnu.org/licenses/gpl-2.0.html
     
    4040
    4141> Questa è la lista completa di tutti gli aggiornamenti, test e correzioni. Ogni volta che una nuova versione viene rilasciata assicuratevi di aggiornare il prima possibile per usufruire delle ultime migliorie!
     42
     43= 1.8.3 2026-01-19 =
     44* Bugfix minori e sicurezza
    4245
    4346= 1.8.2 2025-12-05 =

  • anac-xml-viewer/trunk/anac-xml-viewer.php

    r3412265 r3442401  
    55Description: Visualizzatore XML per file generati da applicativi esterni
    66Author: Marco Milesi
    7 Version: 1.8.2
     7Version: 1.8.3
    88Author URI: https://marcomilesi.com
    99*/
     
    271271    }
    272272
    273     private function is_private_ip( $ip ) {
    274         if ( filter_var( $ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 ) ) {
    275             $long = ip2long($ip);
    276             $ranges = [
    277                 ['0.0.0.0', '0.255.255.255'],
    278                 ['10.0.0.0', '10.255.255.255'],
    279                 ['127.0.0.0', '127.255.255.255'],
    280                 ['169.254.0.0', '169.254.255.255'],
    281                 ['172.16.0.0', '172.31.255.255'],
    282                 ['192.168.0.0', '192.168.255.255']
    283             ];
    284             foreach ( $ranges as $r ) {
    285                 if ( $long >= ip2long($r[0]) && $long <= ip2long($r[1]) ) return true;
    286             }
    287             return false;
    288         }
    289         if ( filter_var( $ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6 ) ) {
    290             if ( strpos($ip, '::1') === 0 ) return true; // localhost
    291             // fc00::/7 unique local, fe80::/10 link-local
    292             if ( strpos($ip, 'fc') === 0 || strpos($ip, 'fd') === 0 ) return true;
    293             if ( strpos($ip, 'fe80') === 0 ) return true;
    294             return false;
    295         }
    296         return true;
    297     }
    298 
    299273    private function fetch_and_load_xml( $url ) {
    300274        if ( ! function_exists('wp_http_validate_url') || ! wp_http_validate_url( $url ) ) return null;
    301         $parts = wp_parse_url( $url );
    302         if ( ! $parts || ! isset($parts['scheme']) || ! in_array( strtolower($parts['scheme']), ['http','https'], true ) ) return null;
    303         if ( empty($parts['host']) ) return null;
    304 
    305         $host = $parts['host'];
    306         $blocked_hosts = [
    307             '169.254.169.254',
    308             'metadata.google.internal'
    309         ];
    310         if ( in_array( strtolower($host), $blocked_hosts, true ) ) return null;
    311 
    312         $resolved = gethostbynamel( $host );
    313         if ( $resolved ) {
    314             foreach ( $resolved as $ip ) {
    315                 if ( $this->is_private_ip( $ip ) ) return null;
    316             }
    317         }
    318275
    319276        $args = [
     
    322279            'headers' => [ 'Accept' => 'application/xml, text/xml; q=0.9, */*; q=0.1' ],
    323280        ];
    324         $response = wp_remote_get( $url, $args );
     281        $response = wp_safe_remote_get( $url, $args );
    325282        if ( is_wp_error( $response ) ) return null;
    326283

  • anac-xml-viewer/trunk/readme.txt

    r3412265 r3442401  
    55Requires at least: 4.3
    66Tested up to: 6.9
    7 Version: 1.8.2
    8 Stable tag: 1.8.2
     7Version: 1.8.3
     8Stable tag: 1.8.3
    99License: GPLv2 or later
    1010License URI: http://www.gnu.org/licenses/gpl-2.0.html
     
    4040
    4141> Questa è la lista completa di tutti gli aggiornamenti, test e correzioni. Ogni volta che una nuova versione viene rilasciata assicuratevi di aggiornare il prima possibile per usufruire delle ultime migliorie!
     42
     43= 1.8.3 2026-01-19 =
     44* Bugfix minori e sicurezza
    4245
    4346= 1.8.2 2025-12-05 =
Note: See TracChangeset for help on using the changeset viewer.