Summery Summery
Checks for errors when using cookie-based authentication.
Syntax Syntax
Description Description
WordPress’ built-in cookie authentication is always active for logged in users. However, the API has to check nonces for each request to ensure users are not vulnerable to CSRF.
Parameters Parameters
- $result
-
(Required) Error from another authentication handler, null if we should handle it, or another value if not.
Return Return
(WP_Error|mixed|bool) WP_Error if the cookie is invalid, the $result, otherwise true.
Source Source
File: wp-includes/rest-api.php
} /** * Adds the REST API URL to the WP RSD endpoint. * * @since 4.4.0 * * @see get_rest_url() */ function rest_output_rsd() { $api_root = get_rest_url(); if ( empty( $api_root ) ) { return; } ?> <api name="WP-API" blogID="1" preferred="false" apiLink="<?php echo esc_url( $api_root ); ?>" /> <?php } /** * Outputs the REST API link tag into page header. * * @since 4.4.0 * * @see get_rest_url() */ function rest_output_link_wp_head() { $api_root = get_rest_url(); if ( empty( $api_root ) ) { return; } printf( '<link rel="https://api.w.org/" href="%s" />', esc_url( $api_root ) ); $resource = rest_get_queried_resource_route(); if ( $resource ) { printf( '<link rel="alternate" type="application/json" href="%s" />', esc_url( rest_url( $resource ) ) ); } }
Advertisement
Changelog Changelog
Version | Description |
---|---|
4.4.0 | Introduced. |