Changeset 43939


Timestamp:
11/22/2018 07:39:02 PM (12 months ago)
Author:
youknowriad
Message:

Block Editor: Refresh nonces used by wp.apiFetch.

Adds heartbeat nonces refreshing support to wp.apiFetch requests.

Props pento, adamsilverstein, dd32, desrosj.
Fixes #45113.

Location:
branches/5.0/src
Files:
4 edited

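--- a/branches/5.0/src/wp-admin/includes/admin-filters.php
+++ b/branches/5.0/src/wp-admin/includes/admin-filters.php
@@ -69,6 +69,8 @@
 add_filter( 'heartbeat_received', 'wp_check_locked_posts',  10,  3 );
 add_filter( 'heartbeat_received', 'wp_refresh_post_lock',   10,  3 );
-add_filter( 'wp_refresh_nonces', 'wp_refresh_post_nonces', 10,  3 );
 add_filter( 'heartbeat_received', 'heartbeat_autosave',     500, 2 );
+
+add_filter( 'wp_refresh_nonces', 'wp_refresh_post_nonces', 10, 3 );
+add_filter( 'wp_refresh_nonces', 'wp_refresh_heartbeat_nonces' );
 
 add_filter( 'heartbeat_settings', 'wp_heartbeat_set_suspension' );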
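--- a/branches/5.0/src/wp-admin/includes/misc.php
+++ b/branches/5.0/src/wp-admin/includes/misc.php
@@ -1021,8 +1021,26 @@
                 '_wpnonce' => wp_create_nonce( 'update-post_' . $post_id ),
             ),
-            'heartbeatNonce' => wp_create_nonce( 'heartbeat-nonce' ),
         );
     }
 
+    return $response;
+}
+
+/**
+ * Add the latest Heartbeat and REST-API nonce to the Heartbeat response.
+ *
+ * @since 5.0.0
+ *
+ * @param array  $response  The Heartbeat response.
+ * @return array The Heartbeat response.
+ */
+function wp_refresh_heartbeat_nonces( $response ) {
+    // Refresh the Rest API nonce.
+    $response['rest_nonce'] = wp_create_nonce( 'wp_rest' );
+    // TEMPORARY: Compat with api-fetch library
+    $response['rest-nonce'] = $response['rest_nonce'];
+
+    // Refresh the Heartbeat nonce.
+    $response['heartbeat_nonce'] = wp_create_nonce( 'heartbeat-nonce' );
     return $response;
 }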
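Review bot: `wp_refresh_heartbeat_nonces()` adds a fresh `wp_rest` nonce and a fresh `heartbeat-nonce` to the response on every run of the `wp_refresh_nonces` filter with no check of its own, and its docblock does not say what makes that safe. Nothing in this section shows when the filter fires, so I would record the assumption in the docblock, for example `* Relies on the caller having established a logged-in user; wp_create_nonce() ties both nonces to that user and session.` The `// TEMPORARY: Compat with api-fetch library` comment should also name the condition for dropping the duplicate `rest-nonce` key, otherwise the alias is likely to outlive its purpose. The same section removes `heartbeatNonce` from the array built just above, so any script still reading that key (none is among the four files in this changeset) would stop refreshing its heartbeat nonce and should be checked.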
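--- a/branches/5.0/src/wp-includes/js/heartbeat.js
+++ b/branches/5.0/src/wp-includes/js/heartbeat.js
@@ -313,4 +313,5 @@
                     settings.connectionError = true;
                     $document.trigger( 'heartbeat-connection-lost', [error, status] );
+                    wp.hooks.doAction( 'heartbeat.connection-lost', error, status );
                 }
             }
@@ -332,4 +333,5 @@
                 settings.connectionError = false;
                 $document.trigger( 'heartbeat-connection-restored' );
+                wp.hooks.doAction( 'heartbeat.connection-restored' );
             }
         }
@@ -358,4 +360,5 @@
 
             $document.trigger( 'heartbeat-send', [ heartbeatData ] );
+            wp.hooks.doAction( 'heartbeat.send', heartbeatData );
 
             ajaxData = {
@@ -394,4 +397,5 @@
                 if ( response.nonces_expired ) {
                     $document.trigger( 'heartbeat-nonces-expired' );
+                    wp.hooks.doAction( 'heartbeat.nonces-expired' );
                 }
 
@@ -402,5 +406,19 @@
                 }
 
+                // Update the heartbeat nonce if set.
+                if ( response.heartbeat_nonce && typeof window.heartbeatSettings === 'object' ) {
+                    window.heartbeatSettings.nonce = response.heartbeat_nonce;
+                    delete response.heartbeat_nonce;
+                }
+
+                // Update the Rest API nonce if set and wp-api loaded.
+                if ( response.rest_nonce && typeof window.wpApiSettings === 'object' ) {
+                    window.wpApiSettings.nonce = response.rest_nonce;
+                    // This nonce is required for api-fetch through heartbeat.tick.
+                    // delete response.rest_nonce;
+                }
+
                 $document.trigger( 'heartbeat-tick', [response, textStatus, jqXHR] );
+                wp.hooks.doAction( 'heartbeat.tick', response, textStatus, jqXHR );
 
                 // Do this last, can trigger the next XHR if connection time > 5 sec. and newInterval == 'fast'
@@ -411,4 +429,5 @@
                 setErrorState( textStatus || 'unknown', jqXHR.status );
                 $document.trigger( 'heartbeat-error', [jqXHR, textStatus, error] );
+                wp.hooks.doAction( 'heartbeat.error', jqXHR, textStatus, error );
             });
         }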
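Review bot: In the tick handling (new lines 408–419) `response.heartbeat_nonce` is deleted before listeners run, but `response.rest_nonce` stays in the payload behind a commented-out `delete`, so every `heartbeat-tick` listener and `heartbeat.tick` hook callback receives the REST nonce. That does not widen access by itself, since the same value is written to `window.wpApiSettings.nonce` one line earlier, but the asymmetry reads like an oversight. If it is intended, replace the dead line with a statement of intent, e.g. `// Kept on purpose: api-fetch picks the REST nonce up from the heartbeat.tick payload.` The hyphenated `rest-nonce` alias that the server adds is not handled here and is passed through too, which the same comment should mention. The enclosing function starts and ends outside the hunk.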
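--- a/branches/5.0/src/wp-includes/script-loader.php
+++ b/branches/5.0/src/wp-includes/script-loader.php
@@ -870,5 +870,5 @@
     $scripts->add( 'autosave', "/wp-includes/js/autosave$suffix.js", array('heartbeat'), false, 1 );
 
-    $scripts->add( 'heartbeat', "/wp-includes/js/heartbeat$suffix.js", array('jquery'), false, 1 );
+    $scripts->add( 'heartbeat', "/wp-includes/js/heartbeat$suffix.js", array( 'jquery', 'wp-hooks' ), false, 1 );
     did_action( 'init' ) && $scripts->localize( 'heartbeat', 'heartbeatSettings',
         /**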