Adding upstream version 6.6.1+dfsg1.upstream/6.6.1+dfsg1upstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 21 insertions, 2 deletions

diff --git a/wp-admin/load-scripts.php b/wp-admin/load-scripts.php
index 5675b86..c7c952f 100644
--- a/wp-admin/load-scripts.php
+++ b/wp-admin/load-scripts.php
@@ -45,7 +45,26 @@ wp_default_scripts( $wp_scripts );
 wp_default_packages_vendor( $wp_scripts );
 wp_default_packages_scripts( $wp_scripts );
 
-if ( isset( $_SERVER['HTTP_IF_NONE_MATCH'] ) && stripslashes( $_SERVER['HTTP_IF_NONE_MATCH'] ) === $wp_version ) {
+$etag = "WP:{$wp_version};";
+
+foreach ( $load as $handle ) {
+	if ( ! array_key_exists( $handle, $wp_scripts->registered ) ) {
+		continue;
+	}
+
+	$ver   = $wp_scripts->registered[ $handle ]->ver ? $wp_scripts->registered[ $handle ]->ver : $wp_version;
+	$etag .= "{$handle}:{$ver};";
+}
+
+/*
+ * This is not intended to be cryptographically secure, just a fast way to get
+ * a fixed length string based on the script versions. As this file does not
+ * load the full WordPress environment, it is not possible to use the salted
+ * wp_hash() function.
+ */
+$etag = 'W/"' . md5( $etag ) . '"';
+
+if ( isset( $_SERVER['HTTP_IF_NONE_MATCH'] ) && stripslashes( $_SERVER['HTTP_IF_NONE_MATCH'] ) === $etag ) {
 	header( "$protocol 304 Not Modified" );
 	exit;
 }
@@ -59,7 +78,7 @@ foreach ( $load as $handle ) {
 	$out .= get_file( $path ) . "\n";
 }
 
-header( "Etag: $wp_version" );
+header( "Etag: $etag" );
 header( 'Content-Type: application/javascript; charset=UTF-8' );
 header( 'Expires: ' . gmdate( 'D, d M Y H:i:s', time() + $expires_offset ) . ' GMT' );
 header( "Cache-Control: public, max-age=$expires_offset" );