Skip to content
Permalink
Browse files

Editor: Add Nonce Endpoint

This is a follow up to #47843, implementing a PHP endpoint and inline scripts 
after the editor package updates. The action was originally added in
WordPress/gutenberg#16683.

Fixes #48076.




git-svn-id: https://develop.svn.wordpress.org/trunk@46253 602fd350-edb4-49c9-b593-d223f7449a82
  • Loading branch information...
ellatrix committed Sep 23, 2019
1 parent 42e5e4d commit 83dd94f3a8153dc829f6ee2c05056b031ba99d88
Showing with 34 additions and 31 deletions.
  1. +12 −12 package-lock.json
  2. +1 −0 src/wp-admin/admin-ajax.php
  3. +9 −0 src/wp-admin/includes/ajax-actions.php
  4. +12 −19 src/wp-includes/script-loader.php

Some generated files are not rendered by default. Learn more.

@@ -53,6 +53,7 @@
'autocomplete-user',
'dashboard-widgets',
'logged-in',
'rest-nonce',
);
$core_actions_post = array(
@@ -5268,3 +5268,12 @@ function wp_ajax_health_check_get_sizes() {
wp_send_json_success( $all_sizes );
}
/**
* Ajax handler to renew the REST API nonce.
*
* @since 5.3.0
*/
function wp_ajax_rest_nonce() {
exit( wp_create_nonce( 'wp_rest' ) );
}
@@ -651,26 +651,19 @@ function wp_default_packages_inline_scripts( &$scripts ) {
}
$scripts->add_inline_script(
'wp-api-fetch',
sprintf(
implode(
"\n",
array(
'( function() {',
' var nonceMiddleware = wp.apiFetch.createNonceMiddleware( "%s" );',
' wp.apiFetch.use( nonceMiddleware );',
' wp.hooks.addAction(',
' "heartbeat.tick",',
' "core/api-fetch/create-nonce-middleware",',
' function( response ) {',
' if ( response[ "rest_nonce" ] ) {',
' nonceMiddleware.nonce = response[ "rest_nonce" ];',
' }',
' }',
' );',
'} )();',
)
join(
array(
sprintf(
'wp.apiFetch.nonceMiddleware = wp.apiFetch.createNonceMiddleware( "%s" );',
( wp_installing() && ! is_multisite() ) ? '' : wp_create_nonce( 'wp_rest' )
),
'wp.apiFetch.use( wp.apiFetch.nonceMiddleware );',
sprintf(
'wp.apiFetch.nonceEndpoint = "%s";',
admin_url( 'admin-ajax.php?action=rest-nonce' )
),
),
( wp_installing() && ! is_multisite() ) ? '' : wp_create_nonce( 'wp_rest' )
"\n"
),
'after'
);

0 comments on commit 83dd94f

Please sign in to comment.
You can’t perform that action at this time.