WordPress.org

Make WordPress Core

Ticket #34832: 34832.2.diff

File 34832.2.diff, 3.2 KB (added by joehoyle, 6 years ago)
  • src/wp-includes/rest-api/class-wp-rest-server.php

    diff --git a/src/wp-includes/rest-api/class-wp-rest-server.php b/src/wp-includes/rest-api/class-wp-rest-server.php
    index 2c46fd8..dad4070 100644
    a b class WP_REST_Server { 
    237237                $this->send_header( 'Access-Control-Allow-Headers', 'Authorization' );
    238238
    239239                /**
     240                 * Send nocache headers on authenticated requests.
     241                 *
     242                 * @since 4.4.0
     243                 *
     244                 * @param bool $rest_send_nocache_headers Whether to send no-cache headers.
     245                 */
     246                $send_no_cache_headers = apply_filters( 'rest_send_nocache_headers', is_user_logged_in() );
     247                if ( $send_no_cache_headers ) {
     248                        foreach ( wp_get_nocache_headers() as $header => $header_value ) {
     249                                $this->send_header( $header, $header_value );
     250                        }
     251                }
     252
     253                /**
    240254                 * Filter whether the REST API is enabled.
    241255                 *
    242256                 * @since 4.4.0
  • tests/phpunit/includes/spy-rest-server.php

    diff --git a/tests/phpunit/includes/spy-rest-server.php b/tests/phpunit/includes/spy-rest-server.php
    index c90ac2f..9a1b78a 100644
    a b  
    11<?php
    22
    33class Spy_REST_Server extends WP_REST_Server {
     4
     5        public $sent_headers = array();
     6        public $sent_body = '';
     7
    48        /**
    59         * Get the raw $endpoints data from the server
    610         *
    class Spy_REST_Server extends WP_REST_Server { 
    2024        public function __call( $method, $args ) {
    2125                return call_user_func_array( array( $this, $method ), $args );
    2226        }
     27
     28        public function send_header( $header, $value ) {
     29                $this->sent_headers[ $header ] = $value;
     30        }
     31
     32        public function serve_request( $path = null ) {
     33
     34                ob_start();
     35                $result = parent::serve_request( $path );
     36                $this->sent_body = ob_get_clean();
     37                return $result;
     38        }
    2339}
  • tests/phpunit/tests/rest-api/rest-server.php

    diff --git a/tests/phpunit/tests/rest-api/rest-server.php b/tests/phpunit/tests/rest-api/rest-server.php
    index c9431f0..33e3f24 100644
    a b class Tests_REST_Server extends WP_Test_REST_TestCase { 
    619619                $this->assertContains( 'test/example', $namespaces );
    620620                $this->assertContains( 'test/another', $namespaces );
    621621        }
     622
     623        public function test_nocache_headers_on_authenticated_requests() {
     624                $editor = self::factory()->user->create( array( 'role' => 'editor' ) );
     625                $request = new WP_REST_Request( 'GET', '/', array() );
     626                wp_set_current_user( $editor );
     627
     628                $result = $this->server->serve_request('/');
     629                $headers = $this->server->sent_headers;
     630
     631                foreach ( wp_get_nocache_headers() as $header => $value ) {
     632                        $this->assertTrue( isset( $headers[ $header ] ), sprintf( 'Header %s is not present in the response.', $header ) );
     633                        $this->assertEquals( $value, $headers[ $header ] );
     634                }
     635        }
     636
     637        public function test_no_nocache_headers_on_unauthenticated_requests() {
     638                $editor = self::factory()->user->create( array( 'role' => 'editor' ) );
     639                $request = new WP_REST_Request( 'GET', '/', array() );
     640
     641                $result = $this->server->serve_request('/');
     642                $headers = $this->server->sent_headers;
     643
     644                foreach ( wp_get_nocache_headers() as $header => $value ) {
     645                        $this->assertFalse( isset( $headers[ $header ] ) && $headers[ $header ] === $value, sprintf( 'Header %s is set to nocache.', $header ) );
     646                }
     647        }
    622648}