WordPress.org

Make WordPress Core

Changeset 44275


Ignore:
Timestamp:
12/17/2018 07:27:08 PM (6 months ago)
Author:
desrosj
Message:

Block Editor: Refresh nonces used by wp.apiFetch.

Adds heartbeat nonces refreshing support to wp.apiFetch requests.

Props pento, adamsilverstein, dd32, desrosj, youknowriad.

Merges [43939] into trunk.

Fixes #45113.

Location:
trunk
Files:
5 edited

Legend:

Unmodified
Added
Removed
  • trunk

  • trunk/src/js/_enqueues/wp/heartbeat.js

    r43347 r44275  
    352352                    settings.connectionError = true;
    353353                    $document.trigger( 'heartbeat-connection-lost', [error, status] );
     354                    wp.hooks.doAction( 'heartbeat.connection-lost', error, status );
    354355                }
    355356            }
     
    373374                settings.connectionError = false;
    374375                $document.trigger( 'heartbeat-connection-restored' );
     376                wp.hooks.doAction( 'heartbeat.connection-restored' );
    375377            }
    376378        }
     
    401403
    402404            $document.trigger( 'heartbeat-send', [ heartbeatData ] );
     405            wp.hooks.doAction( 'heartbeat.send', heartbeatData );
    403406
    404407            ajaxData = {
     
    437440                if ( response.nonces_expired ) {
    438441                    $document.trigger( 'heartbeat-nonces-expired' );
     442                    wp.hooks.doAction( 'heartbeat.nonces-expired' );
    439443                }
    440444
     
    445449                }
    446450
     451                // Update the heartbeat nonce if set.
     452                if ( response.heartbeat_nonce && typeof window.heartbeatSettings === 'object' ) {
     453                    window.heartbeatSettings.nonce = response.heartbeat_nonce;
     454                    delete response.heartbeat_nonce;
     455                }
     456
     457                // Update the Rest API nonce if set and wp-api loaded.
     458                if ( response.rest_nonce && typeof window.wpApiSettings === 'object' ) {
     459                    window.wpApiSettings.nonce = response.rest_nonce;
     460                    // This nonce is required for api-fetch through heartbeat.tick.
     461                    // delete response.rest_nonce;
     462                }
     463
    447464                $document.trigger( 'heartbeat-tick', [response, textStatus, jqXHR] );
     465                wp.hooks.doAction( 'heartbeat.tick', response, textStatus, jqXHR );
    448466
    449467                // Do this last. Can trigger the next XHR if connection time > 5 sec. and newInterval == 'fast'.
     
    454472                setErrorState( textStatus || 'unknown', jqXHR.status );
    455473                $document.trigger( 'heartbeat-error', [jqXHR, textStatus, error] );
     474                wp.hooks.doAction( 'heartbeat.error', jqXHR, textStatus, error );
    456475            });
    457476        }
  • trunk/src/wp-admin/includes/admin-filters.php

    r43486 r44275  
    6969add_filter( 'heartbeat_received', 'wp_check_locked_posts', 10, 3 );
    7070add_filter( 'heartbeat_received', 'wp_refresh_post_lock', 10, 3 );
     71add_filter( 'heartbeat_received', 'heartbeat_autosave', 500, 2 );
     72
    7173add_filter( 'wp_refresh_nonces', 'wp_refresh_post_nonces', 10, 3 );
    72 add_filter( 'heartbeat_received', 'heartbeat_autosave', 500, 2 );
     74add_filter( 'wp_refresh_nonces', 'wp_refresh_heartbeat_nonces' );
    7375
    7476add_filter( 'heartbeat_settings', 'wp_heartbeat_set_suspension' );
  • trunk/src/wp-admin/includes/misc.php

    r44168 r44275  
    10551055
    10561056        $response['wp-refresh-post-nonces'] = array(
    1057             'replace'        => array(
     1057            'replace' => array(
    10581058                'getpermalinknonce'    => wp_create_nonce( 'getpermalink' ),
    10591059                'samplepermalinknonce' => wp_create_nonce( 'samplepermalink' ),
     
    10621062                '_wpnonce'             => wp_create_nonce( 'update-post_' . $post_id ),
    10631063            ),
    1064             'heartbeatNonce' => wp_create_nonce( 'heartbeat-nonce' ),
    10651064        );
    10661065    }
    10671066
     1067    return $response;
     1068}
     1069
     1070/**
     1071 * Add the latest Heartbeat and REST-API nonce to the Heartbeat response.
     1072 *
     1073 * @since 5.0.0
     1074 *
     1075 * @param array  $response  The Heartbeat response.
     1076 * @return array The Heartbeat response.
     1077 */
     1078function wp_refresh_heartbeat_nonces( $response ) {
     1079    // Refresh the Rest API nonce.
     1080    $response['rest_nonce'] = wp_create_nonce( 'wp_rest' );
     1081    // TEMPORARY: Compat with api-fetch library
     1082    $response['rest-nonce'] = $response['rest_nonce'];
     1083
     1084    // Refresh the Heartbeat nonce.
     1085    $response['heartbeat_nonce'] = wp_create_nonce( 'heartbeat-nonce' );
    10681086    return $response;
    10691087}
  • trunk/src/wp-includes/script-loader.php

    r44273 r44275  
    894894    $scripts->add( 'autosave', "/wp-includes/js/autosave$suffix.js", array( 'heartbeat' ), false, 1 );
    895895
    896     $scripts->add( 'heartbeat', "/wp-includes/js/heartbeat$suffix.js", array( 'jquery' ), false, 1 );
     896    $scripts->add( 'heartbeat', "/wp-includes/js/heartbeat$suffix.js", array( 'jquery', 'wp-hooks' ), false, 1 );
    897897    did_action( 'init' ) && $scripts->localize(
    898898        'heartbeat',
Note: See TracChangeset for help on using the changeset viewer.