Make WordPress Core

Opened 8 months ago

Closed 7 months ago

#52691 closed defect (bug) (fixed)

Check if JSONP is enabled prior to outputting the jsonp-type content-type

Reported by: dd32 Owned by: rachelbaker
Milestone: 5.8 Priority: lowest
Severity: trivial Version:
Component: REST API Keywords: has-patch commit
Focuses: rest-api Cc:


Currently when JSONP is disabled, the Content-Type header is still output as if the response will be a jsonp response (But it won't be).

The attached PR simply runs the filter before outputting the header.

This still isn't strictly correct for all cases, as an invalid jsonp callback will still output non-jsonp using the jsonp content-type, but that's not a regression here, and I wasn't sure about shifting the invalid jsonp callback sanitization earlier in the function.

Change History (3)

This ticket was mentioned in PR #1063 on WordPress/wordpress-develop by dd32.

8 months ago

  • Keywords has-patch added

#2 @TimothyBlynJacobs
8 months ago

  • Keywords commit added
  • Milestone changed from Awaiting Review to 5.8


#3 @rachelbaker
7 months ago

  • Owner set to rachelbaker
  • Resolution set to fixed
  • Status changed from new to closed

In 50695:

REST API: Move the rest_jsonp_enabled filter before setting the Content-Type header.

Fixes an issue where if JSONP was disabled the Content-Type HTTP header was still set to application/javascript.

Props dd32, TimothyBlynJacobs.
Fixes #52691.

Note: See TracTickets for help on using tickets.