Changeset 56841

Timestamp:

10/12/2023 01:13:02 PM (10 months ago)

Author:

audrasjb

Message:

REST API: Ensure no-cache headers are sent when methods are ovverriden.

Props tykoted, xknown, ehtis, timothyblynjacobs, peterwilsoncc, rmccue, jorbin.
Merges [56834] to the 6.3 branch.

Location:

branches/6.3

Files:

• . (modified) (1 prop)
• src/wp-includes/rest-api.php (modified) (1 diff)
• src/wp-includes/rest-api/class-wp-rest-server.php (modified) (3 diffs)

branches/6.3/src/wp-includes/rest-api.php

@@ -1085 +1085 @@
 
     if ( ! $result ) {
+
         return new WP_Error( 'rest_cookie_invalid_nonce', __( 'Cookie check failed' ), array( 'status' => 403 ) );
     }

branches/6.3/src/wp-includes/rest-api/class-wp-rest-server.php

@@ -324 +324 @@
 
         /**
-         * Filters whether to send nocache headers on a REST API request.
-         *
-         * @since 4.4.0
-         *
-         * @param bool $rest_send_nocache_headers Whether to send no-cache headers.
-         */
-        $send_no_cache_headers = apply_filters( 'rest_send_nocache_headers', is_user_logged_in() );
-        if ( $send_no_cache_headers ) {
-            foreach ( wp_get_nocache_headers() as $header => $header_value ) {
-                if ( empty( $header_value ) ) {
-                    $this->remove_header( $header );
-                } else {
-                    $this->send_header( $header, $header_value );
-                }
-            }
-        }
-
-        /**
          * Filters whether the REST API is enabled.
          *
@@ -395 +377 @@
          * header.
          */
+
         if ( isset( $_GET['_method'] ) ) {
             $request->set_method( $_GET['_method'] );
         } elseif ( isset( $_SERVER['HTTP_X_HTTP_METHOD_OVERRIDE'] ) ) {
             $request->set_method( $_SERVER['HTTP_X_HTTP_METHOD_OVERRIDE'] );
+
         }
 
@@ -498 +482 @@
          */
         $served = apply_filters( 'rest_pre_serve_request', false, $result, $request, $this );
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
 
         if ( ! $served ) {