#43605 closed enhancement (fixed)
Add HTTP/1.0 emulation to apiRequest()
Reported by: | pento | Owned by: | TimothyBlynJacobs |
---|---|---|---|
Milestone: | 5.6 | Priority: | normal |
Severity: | normal | Version: | |
Component: | REST API | Keywords: | good-first-bug has-patch |
Focuses: | rest-api | Cc: |
Description
HTTP/1.1 is nice, but the verbs are fairly strictly filtered by a bunch of web application firewalls.
For wider compatibility, we should default to HTTP/1.0, making use of the X-HTTP-Method-Override
header.
See https://github.com/WordPress/gutenberg/pull/5741 for an example shim, and examples of broken sites.
Change History (14)
#2
@
6 years ago
When someone puts a patch together for this, it'd be great to have manual testing instructions (because I'm assuming it's not possible to test this in an automated way).
This ticket was mentioned in Slack in #core-restapi by earnjam. View the logs.
6 years ago
#4
@
6 years ago
- Owner set to earnjam
- Status changed from new to assigned
Assigning to @earnjam per today's #core-restapi
Slack chat.
#5
@
6 years ago
It looks like the shim got replaced with the @wordpress/api-fetch package and has the HTTP/1.0 emulation covered as far as Gutenberg is concerned. (see api-fetch/src/middlewares/http-v1.js)
Do we still want to add this to wp.apiRequest()
for 5.0? Doesn't seem like Gutenberg needs it anymore.
#6
@
6 years ago
- Keywords needs-patch removed
- Milestone 5.0 deleted
- Resolution set to maybelater
- Status changed from assigned to closed
Good find, @earnjam. The shim was removed from Gutenberg in June: https://github.com/WordPress/gutenberg/commit/8ec748a6b8bdef99afd74d7546254fb6e07eb463#diff-6ff32417da0658502e7caa1a1abbeae6L72
I don't see it necessary to add HTTP/1.0 emulation to wp.apiRequest()
for 5.0.
This ticket was mentioned in Slack in #core-js by swissspidy. View the logs.
5 years ago
#8
@
4 years ago
- Milestone set to 5.6
- Resolution maybelater deleted
- Status changed from closed to reopened
This is still necessary if people want to use the smaller wp.apiRequest
library properly.
#9
@
4 years ago
@earnjam are you still interested in working on this ticket now that it is back open?
#10
@
4 years ago
- Owner earnjam deleted
- Status changed from reopened to assigned
I don't think I can commit to it for 5.6. I'll circle back around if I have some time and it is still open.
#11
@
4 years ago
- Keywords good-first-bug added
Ok, thanks @earnjam!
Adding the good-first-bug
keyword.
The fix here is if the passed method is POST
, PUT
, or DELETE
to pass that in the X-HTTP-Method-Override
header. We then change the method
to POST
.
This ticket was mentioned in PR #580 on WordPress/wordpress-develop by yakimun.
4 years ago
#12
- Keywords has-patch added
Added overriding of the PUT and DELETE methods with the POST method in wp.apiRequest library.
Trac ticket: https://core.trac.wordpress.org/ticket/43605
#13
@
4 years ago
- Owner set to TimothyBlynJacobs
- Resolution set to fixed
- Status changed from assigned to closed
In 49133:
TimothyBJacobs commented on PR #580:
4 years ago
#14
Merged in 9f502ab.
Thanks for the patch @yakimun!
It looks like modsec has some interesting rules that block form encoded strings, but don't block JSON encoded strings. So, we should send things as JSON.
See: https://github.com/WordPress/gutenberg/pull/5971