[wp-trac] [WordPress Trac] #48439: Wrong configuration parameter is taken as Rest Api root
WordPress Trac
noreply at wordpress.org
Sat Oct 26 19:55:54 UTC 2019
#48439: Wrong configuration parameter is taken as Rest Api root
--------------------------------------+-----------------------------
Reporter: dlavrenuek | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: REST API | Version: 5.2.4
Severity: normal | Keywords: has-patch
Focuses: administration, rest-api |
--------------------------------------+-----------------------------
Result of the bug: No updates can be made to the content in the backend
There is a configuration for `siteurl` and `home` in the WordPress
backend. While `siteurl` is the WordPress instance `home` can be another
domain that is used for the frontend. While logged into the backend The
`wpApiSettings` js variable is filled with the value from `home` instead
of `siteurl`. This breaks the backend making it impossible to create or
save any content if the domain used for the actual frontend is configured
to only proxy get requests.
Example site configuration:
The WordPress instance is on `https://some.domain` = siteurl
The Frontend is on `https://some-other.domain` = home
`some-other.domain` is configured to only proxy get requests.
While logged in to the backend the `wpApiSettings` is filled with "https
://some-other.domain" instead of "https://some.domain"
The problem lies in the function `get_rest_url` in `includes/rest-api.php`
that builds the wrong url. A patch is provided:
{{{
Index: wp-includes/rest-api.php
IDEA additional info:
Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP
<+>UTF-8
===================================================================
--- wp-includes/rest-api.php (date 1572118458000)
+++ wp-includes/rest-api.php (date 1572118458000)
@@ -356,14 +356,14 @@
global $wp_rewrite;
if ( $wp_rewrite->using_index_permalinks() ) {
- $url = get_home_url( $blog_id, $wp_rewrite->index
. '/' . rest_get_url_prefix(), $scheme );
+ $url = get_site_url( $blog_id, $wp_rewrite->index
. '/' . rest_get_url_prefix(), $scheme );
} else {
- $url = get_home_url( $blog_id,
rest_get_url_prefix(), $scheme );
+ $url = get_site_url( $blog_id,
rest_get_url_prefix(), $scheme );
}
$url .= $path;
} else {
- $url = trailingslashit( get_home_url( $blog_id, '',
$scheme ) );
+ $url = trailingslashit( get_site_url( $blog_id, '',
$scheme ) );
// nginx only allows HTTP/1.0 methods when redirecting
from / to /index.php
// To work around this, we manually add index.php to the
URL, avoiding the redirect.
if ( 'index.php' !== substr( $url, 9 ) ) {
@@ -375,7 +375,7 @@
if ( is_ssl() ) {
// If the current host is the same as the REST URL host,
force the REST URL scheme to HTTPS.
- if ( $_SERVER['SERVER_NAME'] === parse_url( get_home_url(
$blog_id ), PHP_URL_HOST ) ) {
+ if ( $_SERVER['SERVER_NAME'] === parse_url( get_site_url(
$blog_id ), PHP_URL_HOST ) ) {
$url = set_url_scheme( $url, 'https' );
}
}
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/48439>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list