Make WordPress Core

Changeset 44933


Ignore:
Timestamp:
03/19/2019 03:21:28 AM (6 years ago)
Author:
kadamwhite
Message:

REST API: Ensure "Allow" header is returned for OPTIONS requests.

This changeset ensures $request->set_url_params() is called while fulfilling OPTIONS requests, where previously it was skipped because OPTIONS requests short-circuit the logic in dispatch which handles this setup for other request methods. Omitting the URL parameters prevented the Allow header from being set.

Props killua99, noisysocks.
Fixes #45753.

Location:
trunk
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/rest-api.php

    r44698 r44933  
    616616
    617617    foreach ( $handler->get_routes() as $route => $endpoints ) {
    618         $match = preg_match( '@^' . $route . '$@i', $request->get_route() );
     618        $match = preg_match( '@^' . $route . '$@i', $request->get_route(), $matches );
    619619
    620620        if ( ! $match ) {
    621621            continue;
     622        }
     623
     624        $args = array();
     625        foreach ( $matches as $param => $value ) {
     626            if ( ! is_int( $param ) ) {
     627                $args[ $param ] = $value;
     628            }
     629        }
     630
     631        foreach ( $endpoints as $endpoint ) {
     632            // Remove the redundant preg_match argument.
     633            unset( $args[0] );
     634
     635            $request->set_url_params( $args );
     636            $request->set_attributes( $endpoint );
    622637        }
    623638
  • trunk/tests/phpunit/tests/rest-api/rest-attachments-controller.php

    r44785 r44933  
    207207        sort( $keys );
    208208        $this->assertEquals( array( 'context', 'id' ), $keys );
     209    }
     210
     211    /**
     212     * @ticket 43701
     213     */
     214    public function test_allow_header_sent_on_options_request() {
     215        $id1      = $this->factory->attachment->create_object(
     216            $this->test_file,
     217            0,
     218            array(
     219                'post_mime_type' => 'image/jpeg',
     220                'post_excerpt'   => 'A sample caption',
     221            )
     222        );
     223        $request  = new WP_REST_Request( 'OPTIONS', sprintf( '/wp/v2/media/%d', $id1 ) );
     224        $response = rest_get_server()->dispatch( $request );
     225        $response = apply_filters( 'rest_post_dispatch', $response, rest_get_server(), $request );
     226        $headers  = $response->get_headers();
     227
     228        $this->assertNotEmpty( $headers['Allow'] );
     229        $this->assertEquals( $headers['Allow'], 'GET' );
     230
     231        wp_set_current_user( self::$editor_id );
     232        $request  = new WP_REST_Request( 'OPTIONS', sprintf( '/wp/v2/media/%d', $id1 ) );
     233        $response = rest_get_server()->dispatch( $request );
     234        $response = apply_filters( 'rest_post_dispatch', $response, rest_get_server(), $request );
     235        $headers  = $response->get_headers();
     236
     237        $this->assertNotEmpty( $headers['Allow'] );
     238        $this->assertEquals( $headers['Allow'], 'GET, POST, PUT, PATCH, DELETE' );
    209239    }
    210240
  • trunk/tests/phpunit/tests/rest-api/rest-posts-controller.php

    r44452 r44933  
    188188        sort( $keys );
    189189        $this->assertEquals( array( 'context', 'id', 'password' ), $keys );
     190    }
     191
     192    /**
     193     * @ticket 43701
     194     */
     195    public function test_allow_header_sent_on_options_request() {
     196        $request  = new WP_REST_Request( 'OPTIONS', sprintf( '/wp/v2/posts/%d', self::$post_id ) );
     197        $response = rest_get_server()->dispatch( $request );
     198        $response = apply_filters( 'rest_post_dispatch', $response, rest_get_server(), $request );
     199        $headers  = $response->get_headers();
     200
     201        $this->assertNotEmpty( $headers['Allow'] );
     202        $this->assertEquals( $headers['Allow'], 'GET' );
     203
     204        wp_set_current_user( self::$editor_id );
     205        $request  = new WP_REST_Request( 'OPTIONS', sprintf( '/wp/v2/posts/%d', self::$post_id ) );
     206        $response = rest_get_server()->dispatch( $request );
     207        $response = apply_filters( 'rest_post_dispatch', $response, rest_get_server(), $request );
     208        $headers  = $response->get_headers();
     209
     210        $this->assertNotEmpty( $headers['Allow'] );
     211        $this->assertEquals( $headers['Allow'], 'GET, POST, PUT, PATCH, DELETE' );
    190212    }
    191213
Note: See TracChangeset for help on using the changeset viewer.