Use CDN for Pro version checks and improve proxy fallback

[raamdev]

Note: This issue is currently blocked by changes needed to the build system: wpsharks/phings#159.

---

Once the above issue has been closed, the Comet Cache Pro update utilities can be updated to check https://cdn.wpsharks.com/software/bleeding-edge/comet-cache-pro/version.txt for the latest Pro version, instead of querying the API on cometcache.com.

Additionally, we might be able to do away with using the proxy server fallback for version checks on servers that have older SSL software that doesn't support HSTS headers:

@jaswrks writes...

You could try dropping the proxy fallback by running this particular request over http:// instead of https://. Since we are changing the request type from POST to GET, and because it's now a static file containing only a version, it's not necessary for us to use SSL in this particular case.

Note: If you try to reach http://cdn.wpsharks.com/software/latest/comet-cache-pro/version.txt in a web browser, you'll be redirected to the https:// variation, which is enforced due to HSTS headers. However, in a server-side wp_remote_get() implementation, you should be able to query via http:// without a problem. HSTS is not a factor there. However, it might be worth checking to see if WP_Http has any setting that would force HSTS off, just in case that's possible. I'm doubt that it is. WordPress would need to have code that looks for a strict transport header and obey it, which I don't believe it even looks at right now.

That said, we should still use SSL when performing license key authentication.

TODO

• Update the build system to support rc/version.txt version-ars.txt; see Publish a 'rc/version.txt' file when doing a 'phing release-rc' phings#159
• Update Comet Cache Pro software to use CDN-hosted rc/version.txt version-ars.txt (RC) and /version.txt (stable) to check for latest Pro version
• Update the API on cometcache.com to return CDN-hosted URLs to the latest Pro version (for both RC and stable); see https://github.com/websharks/cometcache.com/issues/111
• Test to confirm that we can replace the proxy fallback with a call to the http:// (non-SSL) URL to version.txt on sites running outdated SSL software; this will allow us to use the proxy only for license authentication, when necessary
• Occurrences of proxy.websharks-inc.net/comet-cache/ should be updated to the newer update-fallback.wpsharks.io/comet-cache/ update-fallback.wpsharks.io/cc-proxy

[jaswrks]

New proxy URL: http://update-fallback.wpsharks.io/cc-proxy

?product_api[action]=latest_pro_update
&product_api[username]=johndoe22
&product_api[password]=[COMET CACHE API KEY]
&product_api[stable]=1 (stable releases, or any release?)

In short, all the same variables that cometcache.com uses. This is simply a non-SSL proxy.

Returns JSON, just like cometcache.com does.

{
  "pro_version": "170220",
  "pro_zip": "http://dls.wpsharks.io/cdn-xar?slug=comet-cache-pro&version=170220&expires=1494021828&_sig=6ee774...3f445118ffb0beccf52e65b0826856bca40"
}

[jaswrks]

Another new proxy URL: http://dls.wpsharks.io/cdn-xar

?slug=comet-cache-pro
&version=[COMET CACHE VERSION]
&expires=[TIMESTAMP EXPIRATION]
&_sig=[REQUIRES SECRET KEY TO SIGN THE REQUEST]

URLs leading to this endpoint are generated by the cometcache.com API and the new update-fallback.wpsharks.io/cc-proxy endpoint noted in the previous comment above ↑

In other words, all Comet Cache automatic updates now pass through http://dls.wpsharks.io/cdn-xar (non-SSL), which is what delivers the zip file downloads.

[jaswrks]

Documented the new API endpoints above ↑

[jaswrks]

The list above has been completed and this is now pending a PR review.
wpsharks/comet-cache-pro#315