Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

HTTP method override feature for web-servers that don't allow PUT and DELETE #307

Closed
wants to merge 1 commit into from
Closed

HTTP method override feature for web-servers that don't allow PUT and DELETE #307

wants to merge 1 commit into from

Conversation

gugglegum
Copy link
Contributor

Added HTTP method override feature for web-servers that restrict HTTP method to GET and POST only (don't allow PUT and DELETE)

Some web-servers restrict HTTP methods to only GET and POST. Woo-Commerce uses PUT and DELETE in its API. But there are 2 workarounds for such servers:

  1. Use the POST method and add the "_method=" query parameter to the URL using the real HTTP method.
  2. Use the POST method and add the "X-HTTP-Method-Override" HTTP header with real HTTP method to the request.

Both variants are equivalent. And they can even be used together. This fork adds possibility to use these workarounds.

More information on this can be found here:

All you need to do to activate workaround is to add 1 or 2 options to constructor of the Client like in this example:

use Automattic\WooCommerce\Client;

$client = new Client($url, $consumerKey, $consumerSecret, [
    'wp_api' => true,
    'version' => 'wc/v3',
    'follow_redirects' => true,
    'query_string_auth' => true,
    'timeout' => 60,
    'method_override_query' => true,
    'method_override_header' => false,
]);

The options method_override_query activates ?_method=PUT/DELETE workaround. And the option method_override_header activates workaround with X-HTTP-Method-Override header. Usually it's enough to activate only one of them, but you can activate they both if you want.

If you want to better understand how it's working on Woo-Commerce side, you can review the code in the file class-wc-api-server.php. At the moment this code looks like this:

// Compatibility for clients that can't use PUT/PATCH/DELETE
if ( isset( $_GET['_method'] ) ) {
    $this->method = strtoupper( $_GET['_method'] );
} elseif ( isset( $_SERVER['HTTP_X_HTTP_METHOD_OVERRIDE'] ) ) {
    $this->method = $_SERVER['HTTP_X_HTTP_METHOD_OVERRIDE'];
}

@gugglegum
Added HTTP method override feature for web-servers that restrict HTTP…
595c14f 
… method to GET and POST only (don't allow PUT and DELETE)
@gugglegum gugglegum closed this Sep 30, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@gugglegum