Changeset 39029
- Timestamp:
- 10/30/2016 05:53:04 PM (8 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-includes/rest-api/class-wp-rest-server.php
r38947 r39029 115 115 public function check_authentication() { 116 116 /** 117 * Pass an authentication error to the API117 * Filters REST authentication errors. 118 118 * 119 119 * This is used to pass a WP_Error from an authentication method back to … … 392 392 393 393 if ( $jsonp_callback ) { 394 // Prepend '/**/' to mitigate possible JSONP Flash attacks 394 // Prepend '/**/' to mitigate possible JSONP Flash attacks. 395 395 // https://miki.it/blog/2014/7/8/abusing-jsonp-with-rosetta-flash/ 396 396 echo '/**/' . $jsonp_callback . '(' . $result . ')'; … … 503 503 } 504 504 505 // Relation now changes from '$uri' to '$curie:$relation' 505 // Relation now changes from '$uri' to '$curie:$relation'. 506 506 $rel_regex = str_replace( '\{rel\}', '(.+)', preg_quote( $curie['href'], '!' ) ); 507 507 preg_match( '!' . $rel_regex . '!', $rel, $matches ); … … 583 583 // Determine if any real links were found. 584 584 $has_links = count( array_filter( $embeds ) ); 585 585 586 if ( $has_links ) { 586 587 $embedded[ $rel ] = $embeds; … … 742 743 if ( is_string( $handler['methods'] ) ) { 743 744 $methods = explode( ',', $handler['methods'] ); 744 } else 745 } elseif ( is_array( $handler['methods'] ) ) { 745 746 $methods = $handler['methods']; 746 747 } else { … … 756 757 } 757 758 } 759 758 760 return $endpoints; 759 761 } … … 897 899 if ( is_wp_error( $permission ) ) { 898 900 $response = $permission; 899 } else 901 } elseif ( false === $permission || null === $permission ) { 900 902 $response = new WP_Error( 'rest_forbidden', __( 'Sorry, you are not allowed to do that.' ), array( 'status' => 403 ) ); 901 903 }
Note: See TracChangeset
for help on using the changeset viewer.