WordPress.org

Make WordPress Core


Ignore:
Timestamp:
12/04/2016 07:29:18 PM (4 years ago)
Author:
jnylen0
Message:

REST API: Treat any falsy value as false in 'rest_allow_anonymous_comments'.

Extend the check in 'rest_allow_anonymous_comments' to accept any falsy value
(previously this was an explicit check for false).

One possible failure case is that a plugin developer forgets to include a
return value for some code path in their callback for this filter, leading to a
value of null which is currently treated like true.

Props joehoyle, jnylen0.

Fixes #39010.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/rest-api/endpoints/class-wp-rest-comments-controller.php

    r39457 r39487  
    393393             */
    394394            $allow_anonymous = apply_filters( 'rest_allow_anonymous_comments', false, $request );
    395             if ( false === $allow_anonymous ) {
     395            if ( ! $allow_anonymous ) {
    396396                return new WP_Error( 'rest_comment_login_required', __( 'Sorry, you must be logged in to comment.' ), array( 'status' => 401 ) );
    397397            }
Note: See TracChangeset for help on using the changeset viewer.