diff --git a/wp-includes/rest-api/class-wp-rest-server.php b/wp-includes/rest-api/class-wp-rest-server.php index ed94151228..1e85d57cd4 100644 --- a/wp-includes/rest-api/class-wp-rest-server.php +++ b/wp-includes/rest-api/class-wp-rest-server.php @@ -264,7 +264,21 @@ class WP_REST_Server { $current_user = null; } - $content_type = isset( $_GET['_jsonp'] ) ? 'application/javascript' : 'application/json'; + /** + * Filters whether JSONP is enabled for the REST API. + * + * @since 4.4.0 + * + * @param bool $jsonp_enabled Whether JSONP is enabled. Default true. + */ + $jsonp_enabled = apply_filters( 'rest_jsonp_enabled', true ); + + $jsonp_callback = false; + if ( isset( $_GET['_jsonp'] ) ) { + $jsonp_callback = $_GET['_jsonp']; + } + + $content_type = ( $jsonp_callback && $jsonp_enabled ) ? 'application/javascript' : 'application/json'; $this->send_header( 'Content-Type', $content_type . '; charset=' . get_option( 'blog_charset' ) ); $this->send_header( 'X-Robots-Tag', 'noindex' ); @@ -355,24 +369,12 @@ class WP_REST_Server { ) ); - /** - * Filters whether JSONP is enabled for the REST API. - * - * @since 4.4.0 - * - * @param bool $jsonp_enabled Whether JSONP is enabled. Default true. - */ - $jsonp_enabled = apply_filters( 'rest_jsonp_enabled', true ); - - $jsonp_callback = null; - - if ( isset( $_GET['_jsonp'] ) ) { + if ( $jsonp_callback ) { if ( ! $jsonp_enabled ) { echo $this->json_error( 'rest_callback_disabled', __( 'JSONP support is disabled on this site.' ), 400 ); return false; } - $jsonp_callback = $_GET['_jsonp']; if ( ! wp_check_jsonp_callback( $jsonp_callback ) ) { echo $this->json_error( 'rest_callback_invalid', __( 'Invalid JSONP callback function.' ), 400 ); return false; diff --git a/wp-includes/version.php b/wp-includes/version.php index bdc5b8b143..58dc020da5 100644 --- a/wp-includes/version.php +++ b/wp-includes/version.php @@ -13,7 +13,7 @@ * * @global string $wp_version */ -$wp_version = '5.8-alpha-50694'; +$wp_version = '5.8-alpha-50695'; /** * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.