[wp-trac] [WordPress Trac] #47077: Add Support for REDIRECT_HTTP_AUTHORIZATION to REST Server

WordPress Trac noreply at wordpress.org
Mon Feb 10 04:49:49 UTC 2020


#47077: Add Support for REDIRECT_HTTP_AUTHORIZATION to REST Server
-------------------------------------------------+-------------------------
 Reporter:  dshanske                             |       Owner:  (none)
     Type:  enhancement                          |      Status:  new
 Priority:  normal                               |   Milestone:  5.4
Component:  REST API                             |     Version:  4.4
 Severity:  normal                               |  Resolution:
 Keywords:  dev-feedback has-unit-tests          |     Focuses:
  reporter-feedback has-patch                    |
-------------------------------------------------+-------------------------
Changes (by TimothyBlynJacobs):

 * keywords:  dev-feedback has-unit-tests => dev-feedback has-unit-tests
     reporter-feedback has-patch


Comment:

 @dshanske could you give an example of how this would fix the issue with
 the different auth plugins? The REST API Server does not pass the
 `WP_REST_Request` object to the `rest_authentication_errors` filter. So
 any auth plugin that relied upon the `Authorization` header would have to
 manually retrieve the header value anyways.

 Is the idea that they would use `rest_get_server()->get_headers( $_SERVER
 )['AUTHORIZATION']` instead of checking against `$_SERVER` themselves?

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/47077#comment:12>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list