• Skip to content
  • Skip to primary sidebar
  • Skip to footer

Foliovision

Main navigation

  • Weblog
    • FV Player
    • WordPress
    • Video of the Week
    • Case Studies
    • Business
  • About
    • Testimonials
    • Meet the Team
    • We Support
    • Careers
    • Contact
    • Pricing
  • Products
  • Support
    • FV Player Docs
    • Pro Support
  • Login
  • Basket is empty
Affordable VAST/VPAID for Wordpress has arrived. Serve ads with your videos starting today!

WordPress 6.2 breaks many sites and plugins: here’s how to repair the damage

14 April 2023 / Alec Kinnear / Leave a Comment

After WordPress 6.2 came out, we had some reports about broken video playback in FV Player. In the end, the issues were more serious than we thought. WordPress’s core development crew broke a few important longtime functions:

WP HTTP no longer sets HTTP Referrer

It seems the WP HTTP functions no longer sets the HTTP referrer header by default. Bunny Stream requires a referrer header. Without it, FV Player Pro would fail to play the Bunny Stream videos with the Signed URLs download protection.

Until WordPress 6.2 you were able to call wp_remote_get() without any extra arguments and the referrer would be sent:

$res = wp_remote_get( 'https://foliovision.com/?referrer-test=no-headers' );

But with WordPress 6.2 we had to start specifying the referrer in cases like Bunny Stream:

$res = wp_remote_get(
  'https://foliovision.com/?referrer-test=headers',
  array(
    'headers' => array(
      'Referer' => home_url(),
    )
  )
);

Note: The header name “Referer” is actually a misspelling of the word “Referrer”, but it has become a standard that way.

Here’s how these two calls turn up in the access logs on our server with WordPress 6.2:

No referrer if not specified in wp_remote_get() call

As you can see the first call provided no referrer information which make sense as wp_remote_get() did not specify the referrer. It’s just that until now WordPress would include that automatically.

And here’s WordPress 6.1:

False referrer if no referrer specified in wp_remote_get()

So the referrer header shows up even for the first request where wp_remote_get() specifies no referrer. But to my surprise it actually uses the request URL as the referrer which is wrong.

The line of code responsible for this is in the Requests library version which was used up to WordPress 6.1: wp-includes/Requests/src/Transport/Curl.php on WordPress 6.1 github.com

CURLOPT_REFERER set to the request URL in WordPress 6.1

In WordPress 6.2 the Requests library was updated to version 2.0.6 and that line is gone: wp-includes/Requests/src/Transport/Curl.php on WordPress 6.2 github.com

CURLOPT_REFERER is no longer set by default in WordPress 6.2

And here is the pull requests on the original Requests library: https://github.com/WordPress/Requests/pull/444

Requests library pull request to remove invalid default referer value

To sum things up:

  • WordPress until version 6.2 is putting in invalid referrer header
  • WordPress 6.2 puts in no referrer by default

None of that seems like the right thing. I wish WordPress 6.2 would include the proper referrer header by default – the website URL.

But a sudden change like this will surely cause a lot of problems with other plugins and APIs.

MySQL Escaping adds new replacement string

The MySQL escaping function named prepare of the WP database class now also replaces %i in the SQL queries. Previously it would only handle %d and %s. FV Player Pro had a query where it would only use prepare() for certain parts of it so then a mention of %iPad% in the SQL query caused the query to break. That broke encrypted HLS serving in FV Player Pro.

Thoughts: In fairness, this second breaking change is an improvement.

FV Player users: we’ve fixed both these issues in FV Player 7.5.32. The simple solution for any publisher on WordPress 6.2 or later is to update to the latest version of FV Player.

It’s been awhile since WordPress broke everyone’s sites. Back around WP 5.2. Let’s hope it doesn’t become a trend. Stability is good. Here’s the full changelog for WordPress 6.2. WordPress 6.2 marketing announcement (written by Matt Mullenweg for a change, as he took the lead on 6.2) touts enhancements to the block editor and full site editing, as well as performance improvements. As a code minimalist, I’m fairly indifferent to full site editing but performance improvements are always welcome. WordPress has never been the fastest car in the garage.

Alec Kinnear

Alec Kinnear

Alec has been helping businesses succeed online since 2000. Alec is an SEM expert with a background in advertising, as a former Head of Television for Grey Moscow and Senior Television Producer for Bates, Saatchi and Saatchi Russia.

Categories: WordPress Tags: mysql, WordPress

Related Posts

No related photos.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

You can click here to Subscribe without commenting

Primary Sidebar

Categories

  • Business
  • Camera Reviews
  • Case Studies
  • Design
  • FV Player
  • Internet Marketing
  • IT
  • Life
  • SEO
  • Slovak
  • Video of the Week
  • WordPress

Footer

Our Plugins

  • FV WordPress Flowplayer
  • FV Thoughtful Comments
  • FV Simpler SEO
  • FV Antispam
  • FV Gravatar Cache
  • FV Testimonials

Free Tools

  • Pandoc Online
  • Article spinner
  • WordPress Password Finder
  • Delete LinkedIn Account
  • Responsive Design Calculator
Foliovision logo
All materials © 2025 Foliovision s.r.o. | Panská 12 - 81101 Bratislava - Slovakia | info@foliovision.com
  • This Site Uses Cookies
  • Privacy Policy
  • Terms of Service
  • Site Map
  • Contact
  • Tel. ‭+421 2/5292 0086‬

We are using cookies to give you the best experience on our website.

You can find out more about which cookies we are using or switch them off in .

Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

Necessary Cookies

Strictly Necessary Cookie allow you to log in and download your software or post to forums.

We use the WordPress login cookie and the session cookie.

If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.

Support Cookies

Foliovision.com uses self-hosted Rocket.chat and self-hosted Freescout support desk to provide support for FV Player users. These cookies allow our visitors to chat with us and/or submit support tickets.

We are delighted to recommend self-hosted Rocket.chat and especially Freescout to other privacy-conscious independent publishers who would prefer to self-host support.

Please enable Strictly Necessary Cookies first so that we can save your preferences!

3rd Party Cookies

This website uses Google Analytics and Statcounter to collect anonymous information such as the number of visitors to the site, and the most popular pages.

Keeping this cookie enabled helps us to improve our website.

We reluctantly use Google Analytics as it helps us to test FV Player against popular Google Analytics features. Feel free to turn off these cookies if they make you feel uncomfortable.

Statcounter is an independent Irish stats service which we have been using since the beginning of recorded time, sixteen years ago.

Please enable Strictly Necessary Cookies first so that we can save your preferences!