Commit Graph

6 Commits

Author SHA1 Message Date
Felix Arntz fab7a3bb92 Site Health: Introduce page cache check.
This changeset adds a new `page_cache` check which determines whether the site uses a full page cache, and in addition assesses the server response time. If no page cache is present and the server response time is slow, the check will suggest use of a page cache.

A few filters are included for customization of the check:
* `site_status_good_response_time_threshold` filters the number of milliseconds below which the server response time is considered good. The default value is based on the `server-response-time` Lighthouse audit and can be altered using this filter.
* `site_status_page_cache_supported_cache_headers` filters the map of supported cache headers and their callback to determine whether it was a cache hit. The default list includes commonly used cache headers, and it is filterable to support e.g. additional cache headers used by specific vendors.

Note that due to the nature of this check it is only run in production environments.

Props furi3r, westonruter, spacedmonkey, swissspidy, Clorith.
Fixes #56041.

Built from https://develop.svn.wordpress.org/trunk@54043


git-svn-id: http://core.svn.wordpress.org/trunk@53602 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2022-08-31 22:46:11 +00:00
Felix Arntz 9d348e26f3 Security, Site Health: Improve accuracy in messaging about HTTPS support.
Following up on [49904], this changeset focuses mainly on improving the guidance about the current state of HTTPS in Site Health.

* Correct the existing copy to indicate that both the Site Address and the WordPress Address need to be changed to fully switch to HTTPS.
* Link to the respective input fields via anchor links rather than to the overall General Settings screen.
* Show different copy if the site is using HTTPS for the WordPress Address (for example to have only the administration panel in HTTPS), but not for the Site Address.
* Inform the user about potential problems even when the site is already using HTTPS, for example if the SSL certificate was no longer valid.
* Always rely on fresh information for determining HTTPS support issues in Site Health, and therefore change the `https_status` test to become asynchronous.
* Rename the new private `wp_is_owned_html_output()` function to a more appropriate `wp_is_local_html_output()`.

Props adamsilverstein, flixos90, johnjamesjacoby, timothyblynjacobs.
See #47577.

Built from https://develop.svn.wordpress.org/trunk@50072


git-svn-id: http://core.svn.wordpress.org/trunk@49773 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2021-01-29 19:10:58 +00:00
TimothyBlynJacobs c3b40f7f80 Site Health, App Passwords: Ensure REST API responses are properly translated.
The REST API requests in Site Health and App Passwords now include `_locale=user` in the request URL to ensure the user's locale is used instead of the site locale. Additionally, the `apiRequest` library now sends a JSON `Accept` header which is required by `determine_locale()` to respect the `_locale` query parameter.

The Site Health REST API controllers now manually load the default admin textdomain if not `is_admin()`. This allows for the Site Health tests to be translated even though the translations are part of the administration project and the REST API is not.

Props oglekler, kebbet, Clorith, TimothyBlynJacobs, ocean90, SergeyBiryukov, adamsilverstein.
Fixes #51871.

Built from https://develop.svn.wordpress.org/trunk@49716


git-svn-id: http://core.svn.wordpress.org/trunk@49439 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-12-01 03:44:05 +00:00
TimothyBlynJacobs 2df94804d4 Site Health, App Passwords: Test if the Authorization header is populated correctly.
App Passwords rely on the Authorization header to transport the Basic Auth credentials. For Apache web servers, WordPress automatically includes a RewriteRule to populate the value for servers running in CGI or FastCGI that wouldn't ordinarily populate the value. 

This tests if the header is being filled with the expected values. For Apache users, we direct the user to visit the Permalinks settings to flush their permalinks. For all other users, we direct them to a help document on developer.wordpress.org.

Props Clorith, marybaum, TimothyBlynJacobs.
Fixes #51638.

Built from https://develop.svn.wordpress.org/trunk@49334


git-svn-id: http://core.svn.wordpress.org/trunk@49095 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-27 18:32:07 +00:00
desrosj d40c365a30 Coding Standards: Correct some minor coding standards issues.
Introduced in [49154], [49212], [49223], and [49224].
Built from https://develop.svn.wordpress.org/trunk@49225


git-svn-id: http://core.svn.wordpress.org/trunk@48987 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-20 13:29:08 +00:00
TimothyBlynJacobs 039ce3f16f Site Health, REST API: Move async tests to REST API endpoints.
This provides more flexibility when writing tests and benefits from running in a front-end context which is necessary for some tests like checking that updates are supported. Additionally, this provides a more robust interface for developers who want to integrate with Site Health tests.

Because the `wp/v2` endpoint is reserved for modeling core entities, site health is registered in its own `wp-site-health/v1` namespace.

The existing ajax actions have been maintained for backward compatibility.

Props Clorith, chrisvanpatten, afragen, pokhriyal, TimothyBlynJacobs.
Fixes #48105.

Built from https://develop.svn.wordpress.org/trunk@49154


git-svn-id: http://core.svn.wordpress.org/trunk@48916 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-10-15 02:00:08 +00:00