wp_is_local_html_output

The timeline below displays how wordpress function wp_is_local_html_output has changed across different WordPress versions. If a version is not listed, refer to the next available version below.

WordPress Version: 6.3

/**
 * Checks whether a given HTML string is likely an output from this WordPress site.
 *
 * This function attempts to check for various common WordPress patterns whether they are included in the HTML string.
 * Since any of these actions may be disabled through third-party code, this function may also return null to indicate
 * that it was not possible to determine ownership.
 *
 * @since 5.7.0
 * @access private
 *
 * @param string $html Full HTML output string, e.g. from a HTTP response.
 * @return bool|null True/false for whether HTML was generated by this site, null if unable to determine.
 */
function wp_is_local_html_output($html)
{
    // 1. Check if HTML includes the site's Really Simple Discovery link.
    if (has_action('wp_head', 'rsd_link')) {
        $pattern = preg_replace('#^https?:(?=//)#', '', esc_url(site_url('xmlrpc.php?rsd', 'rpc')));
        // See rsd_link().
        return str_contains($html, $pattern);
    }
    // 2. Check if HTML includes the site's REST API link.
    if (has_action('wp_head', 'rest_output_link_wp_head')) {
        // Try both HTTPS and HTTP since the URL depends on context.
        $pattern = preg_replace('#^https?:(?=//)#', '', esc_url(get_rest_url()));
        // See rest_output_link_wp_head().
        return str_contains($html, $pattern);
    }
    // Otherwise the result cannot be determined.
    return null;
}

WordPress Version: 5.7

/**
 * Checks whether a given HTML string is likely an output from this WordPress site.
 *
 * This function attempts to check for various common WordPress patterns whether they are included in the HTML string.
 * Since any of these actions may be disabled through third-party code, this function may also return null to indicate
 * that it was not possible to determine ownership.
 *
 * @since 5.7.0
 * @access private
 *
 * @param string $html Full HTML output string, e.g. from a HTTP response.
 * @return bool|null True/false for whether HTML was generated by this site, null if unable to determine.
 */
function wp_is_local_html_output($html)
{
    // 1. Check if HTML includes the site's Really Simple Discovery link.
    if (has_action('wp_head', 'rsd_link')) {
        $pattern = preg_replace('#^https?:(?=//)#', '', esc_url(site_url('xmlrpc.php?rsd', 'rpc')));
        // See rsd_link().
        return false !== strpos($html, $pattern);
    }
    // 2. Check if HTML includes the site's Windows Live Writer manifest link.
    if (has_action('wp_head', 'wlwmanifest_link')) {
        // Try both HTTPS and HTTP since the URL depends on context.
        $pattern = preg_replace('#^https?:(?=//)#', '', includes_url('wlwmanifest.xml'));
        // See wlwmanifest_link().
        return false !== strpos($html, $pattern);
    }
    // 3. Check if HTML includes the site's REST API link.
    if (has_action('wp_head', 'rest_output_link_wp_head')) {
        // Try both HTTPS and HTTP since the URL depends on context.
        $pattern = preg_replace('#^https?:(?=//)#', '', esc_url(get_rest_url()));
        // See rest_output_link_wp_head().
        return false !== strpos($html, $pattern);
    }
    // Otherwise the result cannot be determined.
    return null;
}