REST API: Ensure "Allow" header is returned for OPTIONS requests.
This changeset ensures `$request->set_url_params()` is called while fulfilling OPTIONS requests, where previously it was skipped because OPTIONS requests short-circuit the logic in `dispatch` which handles this setup for other request methods. Omitting the URL parameters prevented the Allow header from being set. Props killua99, noisysocks. Fixes #45753. git-svn-id: https://develop.svn.wordpress.org/trunk@44933 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
K. Adam White
parent
c62eab00a7
commit
58aad3837f
@ -615,12 +615,27 @@ function rest_handle_options_request( $response, $handler, $request ) {
|
||||
$data = array();
|
||||
|
||||
foreach ( $handler->get_routes() as $route => $endpoints ) {
|
||||
$match = preg_match( '@^' . $route . '$@i', $request->get_route() );
|
||||
$match = preg_match( '@^' . $route . '$@i', $request->get_route(), $matches );
|
||||
|
||||
if ( ! $match ) {
|
||||
continue;
|
||||
}
|
||||
|
||||
$args = array();
|
||||
foreach ( $matches as $param => $value ) {
|
||||
if ( ! is_int( $param ) ) {
|
||||
$args[ $param ] = $value;
|
||||
}
|
||||
}
|
||||
|
||||
foreach ( $endpoints as $endpoint ) {
|
||||
// Remove the redundant preg_match argument.
|
||||
unset( $args[0] );
|
||||
|
||||
$request->set_url_params( $args );
|
||||
$request->set_attributes( $endpoint );
|
||||
}
|
||||
|
||||
$data = $handler->get_data_for_route( $route, $endpoints, 'help' );
|
||||
$response->set_matched_route( $route );
|
||||
break;
|
||||
|
||||
@ -208,6 +208,36 @@ class WP_Test_REST_Attachments_Controller extends WP_Test_REST_Post_Type_Control
|
||||
$this->assertEquals( array( 'context', 'id' ), $keys );
|
||||
}
|
||||
|
||||
/**
|
||||
* @ticket 43701
|
||||
*/
|
||||
public function test_allow_header_sent_on_options_request() {
|
||||
$id1 = $this->factory->attachment->create_object(
|
||||
$this->test_file,
|
||||
0,
|
||||
array(
|
||||
'post_mime_type' => 'image/jpeg',
|
||||
'post_excerpt' => 'A sample caption',
|
||||
)
|
||||
);
|
||||
$request = new WP_REST_Request( 'OPTIONS', sprintf( '/wp/v2/media/%d', $id1 ) );
|
||||
$response = rest_get_server()->dispatch( $request );
|
||||
$response = apply_filters( 'rest_post_dispatch', $response, rest_get_server(), $request );
|
||||
$headers = $response->get_headers();
|
||||
|
||||
$this->assertNotEmpty( $headers['Allow'] );
|
||||
$this->assertEquals( $headers['Allow'], 'GET' );
|
||||
|
||||
wp_set_current_user( self::$editor_id );
|
||||
$request = new WP_REST_Request( 'OPTIONS', sprintf( '/wp/v2/media/%d', $id1 ) );
|
||||
$response = rest_get_server()->dispatch( $request );
|
||||
$response = apply_filters( 'rest_post_dispatch', $response, rest_get_server(), $request );
|
||||
$headers = $response->get_headers();
|
||||
|
||||
$this->assertNotEmpty( $headers['Allow'] );
|
||||
$this->assertEquals( $headers['Allow'], 'GET, POST, PUT, PATCH, DELETE' );
|
||||
}
|
||||
|
||||
public function test_get_items() {
|
||||
wp_set_current_user( 0 );
|
||||
$id1 = $this->factory->attachment->create_object(
|
||||
|
||||
@ -189,6 +189,28 @@ class WP_Test_REST_Posts_Controller extends WP_Test_REST_Post_Type_Controller_Te
|
||||
$this->assertEquals( array( 'context', 'id', 'password' ), $keys );
|
||||
}
|
||||
|
||||
/**
|
||||
* @ticket 43701
|
||||
*/
|
||||
public function test_allow_header_sent_on_options_request() {
|
||||
$request = new WP_REST_Request( 'OPTIONS', sprintf( '/wp/v2/posts/%d', self::$post_id ) );
|
||||
$response = rest_get_server()->dispatch( $request );
|
||||
$response = apply_filters( 'rest_post_dispatch', $response, rest_get_server(), $request );
|
||||
$headers = $response->get_headers();
|
||||
|
||||
$this->assertNotEmpty( $headers['Allow'] );
|
||||
$this->assertEquals( $headers['Allow'], 'GET' );
|
||||
|
||||
wp_set_current_user( self::$editor_id );
|
||||
$request = new WP_REST_Request( 'OPTIONS', sprintf( '/wp/v2/posts/%d', self::$post_id ) );
|
||||
$response = rest_get_server()->dispatch( $request );
|
||||
$response = apply_filters( 'rest_post_dispatch', $response, rest_get_server(), $request );
|
||||
$headers = $response->get_headers();
|
||||
|
||||
$this->assertNotEmpty( $headers['Allow'] );
|
||||
$this->assertEquals( $headers['Allow'], 'GET, POST, PUT, PATCH, DELETE' );
|
||||
}
|
||||
|
||||
public function test_get_items() {
|
||||
$request = new WP_REST_Request( 'GET', '/wp/v2/posts' );
|
||||
$response = rest_get_server()->dispatch( $request );
|
||||
|
||||
Loading…
Reference in New Issue
Block a user