Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Missing script dependency: Uncaught TypeError: wp.apiRequest is not a function #558

Closed
dougaxe1 opened this issue Apr 27, 2023 · 3 comments · Fixed by #561
Closed

Missing script dependency: Uncaught TypeError: wp.apiRequest is not a function #558

dougaxe1 opened this issue Apr 27, 2023 · 3 comments · Fixed by #561
Labels
Bug
Milestone
0.8.2

Comments

@dougaxe1
Copy link

dougaxe1 commented Apr 27, 2023
edited
Loading

Describe the bug

In the profile.php/users.php pages, both the TOTP and Backup Codes providers have an implicit dependency on the core 'wp-api-request' script. wp.apiRequest( is utilized for both to perform actions to generate or reset the methods. This dependency was introduced in be5c0a9#diff-e290bc16d5fdda67b5305bcbc2980a79b7fd1db9aeeb30d44e45510fbd08a751R358 and 4d3cb4f#diff-69add38e41f66d3a63f57e8b385442aeb0199b456bf9692bc5c1778d49d40057R192

Normally, the library is enqueued by WordPress core in user-edit.php as a dependency of 'application-passwords':

if ( wp_is_application_passwords_available_for_user( $user_id ) ) {
	wp_enqueue_script( 'application-passwords' );
}

Unfortunately, if a site has disabled application passwords the 'wp-api-request' is no longer enqueued and provider actions fail with no error handling: Uncaught TypeError: wp.apiRequest is not a function

Steps to Reproduce

  1. add_filter( 'wp_is_application_passwords_available', '__return_false' );
  2. Attempt to reset TOTP, or generate backup codes
  3. Observe error in console.

Screenshots, screen recording, code snippet

Required code snippet to trigger bug:

/**
 * Turn off Application Passwords.
 */
add_filter( 'wp_is_application_passwords_available', '__return_false' );

Environment information

  • WordPress 6.1.1, plugin version 0.8.1
  • FF/Chrome/any
  • Desktop Win 11

Please confirm that you have searched existing issues in this repository.

Yes

Please confirm that you have tested with all plugins deactivated except Two-Factor.

No
@dougaxe1 dougaxe1 added the Bug label Apr 27, 2023
@dougaxe1
Copy link
Author

My current workaround is to enqueue the script myself on the profile.php/users.php page:

/**
 * Fix bug in Two Factor when Application Passwords are disabled.
 * 
 * @link https://github.com/WordPress/two-factor/issues/558 -- Bug report
 * 
 * @action show_user_profile
 * @action edit_user_profile
 */
function two_factor_fix_wp_api_request_dependency() {
	wp_enqueue_script( 'wp-api-request' );
}
add_action( 'show_user_profile', 'two_factor_fix_wp_api_request_dependency' );
add_action( 'edit_user_profile', 'two_factor_fix_wp_api_request_dependency' );

@dd32 dd32 added this to the 0.9.0 milestone Apr 28, 2023
@dd32
Copy link
Member

dd32 commented Apr 28, 2023

Thanks for the report @dougaxe1 - this is definitely not intended and will be fixed in the next release.

This was referenced May 2, 2023
Merged
Draft
@dd32 dd32 closed this as completed in #561 May 3, 2023
@dd32 dd32 mentioned this issue May 22, 2023
Closed
14 tasks
@jeffpaul jeffpaul modified the milestones: 0.9.0, 0.8.2 May 24, 2023
@apmeyer
Copy link

apmeyer commented Aug 28, 2023

Thanks for this fix. I just needed to implement it on a new site. It took care of the issue, for now.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bug
Projects
None yet
Milestone
0.8.2
Development

Successfully merging a pull request may close this issue.

Enqueue jQuery and wp.apiRequest for use within callbacks. dd32/two-factor
4 participants
@apmeyer @dd32 @jeffpaul @dougaxe1