WordPress.org

Make WordPress Core

Opened 6 months ago

Last modified 4 months ago

#47077 new enhancement

Add Support for REDIRECT_HTTP_AUTHORIZATION to REST Server

Reported by: dshanske Owned by:
Milestone: Future Release Priority: normal
Severity: normal Version: 4.4
Component: REST API Keywords: needs-patch
Focuses: Cc:
PR Number:

Description

In WP_REST_Server->get_headers it endeavors to get a subset of headers.

It pulls any header with HTTP, strips the HTTP, and adds it. It adds 'CONTENT_LENGTH', 'CONTENT_MD5', 'CONTENT_TYPE'

Suggesting for compatibility, it pull REDIRECT_HTTP_AUTHORIZATION and add it in as 'Authorization' if HTTP_AUTHORIZATION is not set.

https://github.com/WP-API/Basic-Auth/issues/35
https://github.com/WP-API/Basic-Auth/issues/1

This is mentioned as an issue in multiple auth plugins. In the interest of compatibility, this header should be available to the REST endpoint.

Change History (2)

This ticket was mentioned in Slack in #core-restapi by timothybjacobs. View the logs.


4 months ago

#2 @TimothyBlynJacobs
4 months ago

  • Milestone changed from Awaiting Review to Future Release
  • Version set to 4.4

This seems like a sensible change to me. Do you want to work on a patch @dshanske?

Note: See TracTickets for help on using tickets.