[wp-trac] [WordPress Trac] #47962: Allow apiRequest to do requests on external WordPress sites
WordPress Trac
noreply at wordpress.org
Mon Sep 2 17:40:13 UTC 2019
#47962: Allow apiRequest to do requests on external WordPress sites
-------------------------+-----------------------------
Reporter: imath | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: REST API | Version: trunk
Severity: normal | Keywords: has-patch
Focuses: javascript |
-------------------------+-----------------------------
Hi,
It's not possible to use the `wp.apiRequest` function to do REST requests
on external WordPress sites as it forces the addition of the `X-WP-Nonce`
header from the site where the request was made which of course doesn't
match with the one generated by the external WordPress site. I think it's
a bit too bad :(
Here's a [https://gist.github.com/imath/00630617d731b51e4db4ef9f81752eb5
Gist] to test what I'm describing above on my personal site.
If you run the code, you'll get a cross domain issue:
`blocked by CORS policy: Request header field x-wp-nonce is not allowed by
Access-Control-Allow-Headers in preflight response.`
Now if you run the code after applying the attached patch, you'll get 10
of my posts where I link to this site.
Is there something wrong about allowing these external requests ? Else I
think it would be pretty useful.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/47962>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list