From 9e9adb0bfe1f9e5c3c0ff1ba1423db0b1d5786f3 Mon Sep 17 00:00:00 2001 From: Rachel Baker Date: Wed, 29 Jun 2016 01:56:32 +0000 Subject: [PATCH] REST API: Include auto-discovery Link header when serving API requests. The Link header allows clients to verify if a site has made the REST API available, as well as indicating how to access it. Props danielbachhuber. Fixes #35580. git-svn-id: https://develop.svn.wordpress.org/trunk@37903 602fd350-edb4-49c9-b593-d223f7449a82 --- src/wp-includes/rest-api/class-wp-rest-server.php | 5 +++++ tests/phpunit/tests/rest-api/rest-server.php | 11 +++++++++++ 2 files changed, 16 insertions(+) diff --git a/src/wp-includes/rest-api/class-wp-rest-server.php b/src/wp-includes/rest-api/class-wp-rest-server.php index 12e4086bbc..cb19242bf1 100644 --- a/src/wp-includes/rest-api/class-wp-rest-server.php +++ b/src/wp-includes/rest-api/class-wp-rest-server.php @@ -228,6 +228,11 @@ class WP_REST_Server { $this->send_header( 'Content-Type', $content_type . '; charset=' . get_option( 'blog_charset' ) ); $this->send_header( 'X-Robots-Tag', 'noindex' ); + $api_root = get_rest_url(); + if ( ! empty( $api_root ) ) { + $this->send_header( 'Link', '<' . esc_url_raw( $api_root ) . '>; rel="https://api.w.org/"' ); + } + /* * Mitigate possible JSONP Flash attacks. * diff --git a/tests/phpunit/tests/rest-api/rest-server.php b/tests/phpunit/tests/rest-api/rest-server.php index 8a53360157..86170520ba 100644 --- a/tests/phpunit/tests/rest-api/rest-server.php +++ b/tests/phpunit/tests/rest-api/rest-server.php @@ -726,6 +726,17 @@ class Tests_REST_Server extends WP_Test_REST_TestCase { $this->assertEquals( 'noindex', $headers['X-Robots-Tag'] ); } + public function test_link_header_on_requests() { + $api_root = get_rest_url(); + + $request = new WP_REST_Request( 'GET', '/', array() ); + + $result = $this->server->serve_request('/'); + $headers = $this->server->sent_headers; + + $this->assertEquals( '<' . esc_url_raw( $api_root ) . '>; rel="https://api.w.org/"', $headers['Link'] ); + } + public function test_nocache_headers_on_authenticated_requests() { $editor = self::factory()->user->create( array( 'role' => 'editor' ) ); $request = new WP_REST_Request( 'GET', '/', array() );