WordPress.org

Make WordPress Core

Ticket #36055: 36055.3.patch

File 36055.3.patch, 1.4 KB (added by DrewAPicture, 3 years ago)

Improved filter docs

  • src/wp-includes/class-wp-xmlrpc-server.php

     
    247247                }
    248248
    249249                /**
    250                  * Filter whether XML-RPC is enabled.
     250                 * Filter whether XML-RPC methods requiring authentication are enabled.
    251251                 *
    252                  * This is the proper filter for turning off XML-RPC.
     252                 * Contrary to the way it's named, this filter does not control whether XML-RPC is *fully*
     253                 * enabled, rather, it only controls whether XML-RPC methods requiring authentication - such
     254                 * as for publishing purposes - are enabled.
    253255                 *
     256                 * Further, the filter does not control whether pingbacks or other custom endpoints that don't
     257                 * require authentication are enabled. This behavior is expected, and due to how parity was matched
     258                 * with the `enable_xmlrpc` UI option the filter replaced when it was introduced in 3.5.
     259                 *
     260                 * To disable XML-RPC methods that require authentication, use:
     261                 *
     262                 *     add_filter( 'xmlrpc_enabled', '__return_false' );
     263                 *
     264                 * For more granular control over all XML-RPC methods and requests, see the {@see 'xmlrpc_methods'}
     265                 * and {@see 'xmlrpc_element_limit'} hooks.
     266                 *
    254267                 * @since 3.5.0
    255268                 *
    256269                 * @param bool $enabled Whether XML-RPC is enabled. Default true.