Opened 9 years ago
Last modified 6 years ago
#35154 new defect (bug)
The admin_url filter might break ajaxurl usage
Reported by: | jadpm | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | |
Component: | General | Keywords: | reporter-feedback |
Focuses: | Cc: |
Description
ajaxurl
is a javascript global generated basically as
var ajaxurl = '<?php echo admin_url( 'admin-ajax.php', 'relative' ); ?>';
admin_url()
results get filtered by admin_url
, which might add query arguments into ajaxurl
, or at least modify it on a substantial way.
We have several instances where we assume that ajaxurl
will be an URL without query arguments, like this one:
// wp-admin\js\tags-box.js 179 ajaxurl + '?action=ajax-tag-search&tax=' + tax,
That assumption might be completely wrong.
I am attaching a list of places where we define ajax_url
and a list of places where we assume it is a clean, query-arguments-free URL. Note that those lists might not be complete, although I greped against WordPress trunk.
As a solution idea, we might want to create a javascript version of add_query_arg()
and use it extensively.
Attachments (2)
Change History (5)
#2
in reply to:
↑ description
@
9 years ago
- Keywords reporter-feedback added
Replying to jadpm:
admin_url()
results get filtered byadmin_url
, which might add query arguments intoajaxurl
, or at least modify it on a substantial way.
What's the use case for an admin URL which contains query args? Is there an example of this out in the wild?
As an aside, shouldn't they be using
wp.ajax.settings.url
rather than defining it themselves? (wp-util.js is a small dependency to add if it needs to be).As for a js version of
add_query_arg()
, I'm not able to create a patch just now, but I use the following in a few plug-ins (it's not a strict port ofadd_query_arg()
):that could be modified to accept an object and URL so that you can more concisely add multiple key-value pairs.