WordPress.org

Make WordPress Core

Opened 2 years ago

Last modified 18 months ago

#36257 assigned enhancement

REST API: It's difficult to impossible to determine the endpoint matched to a request

Reported by: jnylen0 Owned by: rmccue
Milestone: Future Release Priority: normal
Severity: normal Version:
Component: REST API Keywords: 4.8-early
Focuses: Cc:

Description

Originally raised in Slack - https://wordpress.slack.com/archives/core-restapi/p1457730713002298

It is really difficult (and sometimes impossible) to get good information about the route/endpoint that was matched to a request.

You can inspect $handler['callback'] in 'rest_dispatch_request', which gives the function that will handle the endpoint. In 'rest_post_dispatch' you can get the URL regex that was matched. BUT none of that works if an error occurred in 'rest_authentication_errors', because the request is never dispatched.

A couple of cases where we need to match up requests to endpoints on WordPress.com:

  1. Restricting access to certain endpoints. As far as I can tell, this is only possible by inspecting $handler['callback'] during e.g. 'rest_dispatch_request' and looking at the class and method name of the callback. (This also has the drawback that you can't prevent the endpoint's permission_callback from being called. To get around this, we use the filters added in #35590.)
  2. Monitoring of endpoint calls, response times, etc. Getting the matched route regex, like /wp/v2/posts/(?P<id>[\d]+), is possible by listening on the 'rest_post_dispatch' filter, but as mentioned above, this doesn't work if an error occurs in 'rest_authentication_errors', so we've had to move all of our auth logic out of 'rest_authentication_errors' because we want to know which endpoints have failing auth.

Suggested improvements:

  1. Make it possible to consistently and easily get info about the route that was matched up to a request, including the various URL pieces.
  2. Still dispatch a request, or at least match it up to what the route would have been, if an error happens in 'rest_authentication_errors'.

Change History (7)

This ticket was mentioned in Slack in #core-restapi by jnylen. View the logs.


2 years ago

This ticket was mentioned in Slack in #core-restapi by jnylen. View the logs.


2 years ago

#3 @chriscct7
2 years ago

  • Version trunk deleted

This ticket was mentioned in Slack in #core-restapi by jnylen. View the logs.


20 months ago

This ticket was mentioned in Slack in #core-restapi by rmccue. View the logs.


20 months ago

#6 @rmccue
20 months ago

  • Keywords 4.8-early added
  • Milestone changed from Awaiting Review to Future Release
  • Owner set to rmccue
  • Status changed from new to assigned

This ticket was mentioned in Slack in #core-restapi by jnylen. View the logs.


18 months ago

Note: See TracTickets for help on using tickets.