summaryrefslogtreecommitdiffstats
path: root/wp-includes/class-wp-xmlrpc-server.php
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--wp-includes/class-wp-xmlrpc-server.php14
1 files changed, 13 insertions, 1 deletions
diff --git a/wp-includes/class-wp-xmlrpc-server.php b/wp-includes/class-wp-xmlrpc-server.php
index ae9a658..2141f21 100644
--- a/wp-includes/class-wp-xmlrpc-server.php
+++ b/wp-includes/class-wp-xmlrpc-server.php
@@ -6939,7 +6939,19 @@ class wp_xmlrpc_server extends IXR_Server {
return $this->pingback_error( 48, __( 'The pingback has already been registered.' ) );
}
- // Very stupid, but gives time to the 'from' server to publish!
+ /*
+ * The remote site may have sent the pingback before it finished publishing its own content
+ * containing this pingback URL. If that happens then it won't be immediately possible to fetch
+ * the pinging post; adding a small delay reduces the likelihood of this happening.
+ *
+ * While there are more robust methods than calling `sleep()` here (because `sleep()` merely
+ * mitigates the risk of requesting the remote post before it's available), this is effective
+ * enough for most cases and avoids introducing more complexity into this code.
+ *
+ * One way to improve the reliability of this code might be to add failure-handling to the remote
+ * fetch and retry up to a set number of times if it receives a 404. This could also handle 401 and
+ * 403 responses to differentiate the "does not exist" failure from the "may not access" failure.
+ */
sleep( 1 );
$remote_ip = preg_replace( '/[^0-9a-fA-F:., ]/', '', $_SERVER['REMOTE_ADDR'] );