mirror of
https://github.com/WordPress/WordPress.git
synced 2025-01-03 23:17:51 +01:00
REST API JavaScript Client: Support an empty string for nonce
to disable sending the X-WP-Nonce header.
Passing a `nonce` argument with an empty string to `wp.api.init()` now does no longer fall back to `wpApiSettings.nonce`. This makes it possible to stop sending nonce headers, for example to a read-only endpoint on another site in a multisite install. Merge of [42852] to the 4.9 branch. Props adamsilverstein, FPCSJames, ocean90, swissspidy. See #42948, #43266. Built from https://develop.svn.wordpress.org/branches/4.9@42854 git-svn-id: http://core.svn.wordpress.org/branches/4.9@42684 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
7faddf9e50
commit
04d41666dc
@ -848,7 +848,7 @@
|
|||||||
model.unset( 'slug' );
|
model.unset( 'slug' );
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( _.isFunction( model.nonce ) && ! _.isUndefined( model.nonce() ) && ! _.isNull( model.nonce() ) ) {
|
if ( _.isFunction( model.nonce ) && ! _.isEmpty( model.nonce() ) ) {
|
||||||
beforeSend = options.beforeSend;
|
beforeSend = options.beforeSend;
|
||||||
|
|
||||||
// @todo enable option for jsonp endpoints
|
// @todo enable option for jsonp endpoints
|
||||||
@ -992,7 +992,7 @@
|
|||||||
|
|
||||||
options = options || {};
|
options = options || {};
|
||||||
|
|
||||||
if ( _.isFunction( model.nonce ) && ! _.isUndefined( model.nonce() ) && ! _.isNull( model.nonce() ) ) {
|
if ( _.isFunction( model.nonce ) && ! _.isEmpty( model.nonce() ) ) {
|
||||||
beforeSend = options.beforeSend;
|
beforeSend = options.beforeSend;
|
||||||
|
|
||||||
// Include the nonce with requests.
|
// Include the nonce with requests.
|
||||||
@ -1490,6 +1490,7 @@
|
|||||||
* Initialize the wp-api, optionally passing the API root.
|
* Initialize the wp-api, optionally passing the API root.
|
||||||
*
|
*
|
||||||
* @param {object} [args]
|
* @param {object} [args]
|
||||||
|
* @param {string} [args.nonce] The nonce. Optional, defaults to wpApiSettings.nonce.
|
||||||
* @param {string} [args.apiRoot] The api root. Optional, defaults to wpApiSettings.root.
|
* @param {string} [args.apiRoot] The api root. Optional, defaults to wpApiSettings.root.
|
||||||
* @param {string} [args.versionString] The version string. Optional, defaults to wpApiSettings.root.
|
* @param {string} [args.versionString] The version string. Optional, defaults to wpApiSettings.root.
|
||||||
* @param {object} [args.schema] The schema. Optional, will be fetched from API if not provided.
|
* @param {object} [args.schema] The schema. Optional, will be fetched from API if not provided.
|
||||||
@ -1498,7 +1499,7 @@
|
|||||||
var endpoint, attributes = {}, deferred, promise;
|
var endpoint, attributes = {}, deferred, promise;
|
||||||
|
|
||||||
args = args || {};
|
args = args || {};
|
||||||
attributes.nonce = args.nonce || wpApiSettings.nonce || '';
|
attributes.nonce = _.isString( args.nonce ) ? args.nonce : ( wpApiSettings.nonce || '' );
|
||||||
attributes.apiRoot = args.apiRoot || wpApiSettings.root || '/wp-json';
|
attributes.apiRoot = args.apiRoot || wpApiSettings.root || '/wp-json';
|
||||||
attributes.versionString = args.versionString || wpApiSettings.versionString || 'wp/v2/';
|
attributes.versionString = args.versionString || wpApiSettings.versionString || 'wp/v2/';
|
||||||
attributes.schema = args.schema || null;
|
attributes.schema = args.schema || null;
|
||||||
|
2
wp-includes/js/wp-api.min.js
vendored
2
wp-includes/js/wp-api.min.js
vendored
File diff suppressed because one or more lines are too long
@ -4,7 +4,7 @@
|
|||||||
*
|
*
|
||||||
* @global string $wp_version
|
* @global string $wp_version
|
||||||
*/
|
*/
|
||||||
$wp_version = '4.9.5-alpha-42853';
|
$wp_version = '4.9.5-alpha-42854';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
|
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
|
||||||
|
Loading…
Reference in New Issue
Block a user