Block Editor: Refresh nonces used by wp.apiFetch.

Adds heartbeat nonces refreshing support to `wp.apiFetch` requests. Props pento, adamsilverstein, dd32, desrosj, youknowriad. Merges [43939] into trunk. Fixes #45113. git-svn-id: https://develop.svn.wordpress.org/trunk@44275 602fd350-edb4-49c9-b593-d223f7449a82
2018-12-17 19:27:08 +00:00 · 2018-12-17 19:27:08 +00:00 · d75cc8612b
commit d75cc8612b
parent d2ed5529b8
4 changed files with 43 additions and 4 deletions
--- a/src/js/_enqueues/wp/heartbeat.js
+++ b/src/js/_enqueues/wp/heartbeat.js
@ -351,6 +351,7 @@
 				if ( trigger && ! hasConnectionError() ) {
 					settings.connectionError = true;
 					$document.trigger( 'heartbeat-connection-lost', [error, status] );
 					wp.hooks.doAction( 'heartbeat.connection-lost', error, status );
 				}
 			}
 		}
@ -372,6 +373,7 @@
 				settings.errorcount = 0;
 				settings.connectionError = false;
 				$document.trigger( 'heartbeat-connection-restored' );
 				wp.hooks.doAction( 'heartbeat.connection-restored' );
 			}
 		}
@ -400,6 +402,7 @@
 			settings.queue = {};
 			$document.trigger( 'heartbeat-send', [ heartbeatData ] );
 			wp.hooks.doAction( 'heartbeat.send', heartbeatData );
 			ajaxData = {
 				data: heartbeatData,
@ -436,6 +439,7 @@
 				if ( response.nonces_expired ) {
 					$document.trigger( 'heartbeat-nonces-expired' );
 					wp.hooks.doAction( 'heartbeat.nonces-expired' );
 				}
 				// Change the interval from PHP
@ -444,7 +448,21 @@
 					delete response.heartbeat_interval;
 				}
 				// Update the heartbeat nonce if set.
 				if ( response.heartbeat_nonce && typeof window.heartbeatSettings === 'object' ) {
 					window.heartbeatSettings.nonce = response.heartbeat_nonce;
 					delete response.heartbeat_nonce;
 				}
 				// Update the Rest API nonce if set and wp-api loaded.
 				if ( response.rest_nonce && typeof window.wpApiSettings === 'object' ) {
 					window.wpApiSettings.nonce = response.rest_nonce;
 					// This nonce is required for api-fetch through heartbeat.tick.
 					// delete response.rest_nonce;
 				}
 				$document.trigger( 'heartbeat-tick', [response, textStatus, jqXHR] );
 				wp.hooks.doAction( 'heartbeat.tick', response, textStatus, jqXHR );
 				// Do this last. Can trigger the next XHR if connection time > 5 sec. and newInterval == 'fast'.
 				if ( newInterval ) {
@ -453,6 +471,7 @@
 			}).fail( function( jqXHR, textStatus, error ) {
 				setErrorState( textStatus || 'unknown', jqXHR.status );
 				$document.trigger( 'heartbeat-error', [jqXHR, textStatus, error] );
 				wp.hooks.doAction( 'heartbeat.error', jqXHR, textStatus, error );
 			});
 		}
--- a/src/wp-admin/includes/admin-filters.php
+++ b/src/wp-admin/includes/admin-filters.php
@ -68,9 +68,11 @@ add_action( 'update_option_new_admin_email', 'update_option_new_admin_email', 10
 add_filter( 'heartbeat_received', 'wp_check_locked_posts', 10, 3 );
 add_filter( 'heartbeat_received', 'wp_refresh_post_lock', 10, 3 );
 add_filter( 'wp_refresh_nonces', 'wp_refresh_post_nonces', 10, 3 );
 add_filter( 'heartbeat_received', 'heartbeat_autosave', 500, 2 );
 add_filter( 'wp_refresh_nonces', 'wp_refresh_post_nonces', 10, 3 );
 add_filter( 'wp_refresh_nonces', 'wp_refresh_heartbeat_nonces' );
 add_filter( 'heartbeat_settings', 'wp_heartbeat_set_suspension' );
 // Nav Menu hooks.
--- a/src/wp-admin/includes/misc.php
+++ b/src/wp-admin/includes/misc.php
@ -1054,20 +1054,38 @@ function wp_refresh_post_nonces( $response, $data, $screen_id ) {
 		}
 		$response['wp-refresh-post-nonces'] = array(
-			'replace'        => array(
+			'replace' => array(
 				'getpermalinknonce'    => wp_create_nonce( 'getpermalink' ),
 				'samplepermalinknonce' => wp_create_nonce( 'samplepermalink' ),
 				'closedpostboxesnonce' => wp_create_nonce( 'closedpostboxes' ),
 				'_ajax_linking_nonce'  => wp_create_nonce( 'internal-linking' ),
 				'_wpnonce'             => wp_create_nonce( 'update-post_' . $post_id ),
 			),
 			'heartbeatNonce' => wp_create_nonce( 'heartbeat-nonce' ),
 		);
 	}
 	return $response;
 }
 /**
 * Add the latest Heartbeat and REST-API nonce to the Heartbeat response.
 *
 * @since 5.0.0
 *
 * @param array  $response  The Heartbeat response.
 * @return array The Heartbeat response.
 */
 function wp_refresh_heartbeat_nonces( $response ) {
 	// Refresh the Rest API nonce.
 	$response['rest_nonce'] = wp_create_nonce( 'wp_rest' );
 	// TEMPORARY: Compat with api-fetch library
 	$response['rest-nonce'] = $response['rest_nonce'];
 	// Refresh the Heartbeat nonce.
 	$response['heartbeat_nonce'] = wp_create_nonce( 'heartbeat-nonce' );
 	return $response;
 }
 /**
 * Disable suspension of Heartbeat on the Add/Edit Post screens.
 *
--- a/src/wp-includes/script-loader.php
+++ b/src/wp-includes/script-loader.php
@ -893,7 +893,7 @@ function wp_default_scripts( &$scripts ) {
 	$scripts->add( 'autosave', "/wp-includes/js/autosave$suffix.js", array( 'heartbeat' ), false, 1 );
-	$scripts->add( 'heartbeat', "/wp-includes/js/heartbeat$suffix.js", array( 'jquery' ), false, 1 );
+	$scripts->add( 'heartbeat', "/wp-includes/js/heartbeat$suffix.js", array( 'jquery', 'wp-hooks' ), false, 1 );
 	did_action( 'init' ) && $scripts->localize(
 		'heartbeat',
 		'heartbeatSettings',