Try: Return error when session is missing for REST nonce refresh

WordPress · Jan 8, 2025 · a790c45 · a790c45
1 parent ad4da87
commit a790c45
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 0 deletions.
diff --git a/lib/compat/wordpress-6.8/ajax-actions.php b/lib/compat/wordpress-6.8/ajax-actions.php
@@ -0,0 +1,22 @@
+<?php
+/**
+ * Temporary compatibility shims for Core Ajax handlers.
+ *
+ * @package gutenberg
+ */
+
+/**
+ * Handles renewing the REST API nonce via AJAX.
+ *
+ * @since 5.3.0
+ * @since 6.8.0 Returns error when session token is missing.
+ */
+function gutenberg_ajax_rest_nonce() {
+	$token = wp_get_session_token();
+	if ( empty( $token ) ) {
+		wp_send_json_error( null, rest_authorization_required_code() );
+	}
+
+	exit( wp_create_nonce( 'wp_rest' ) );
+}
+add_action( 'wp_ajax_rest-nonce', 'gutenberg_ajax_rest_nonce', 0 );
diff --git a/lib/load.php b/lib/load.php
@@ -95,6 +95,7 @@ function gutenberg_is_experiment_enabled( $name ) {
 require __DIR__ . '/compat/wordpress-6.7/post-formats.php';
 
 // WordPress 6.8 compat.
+require __DIR__ . '/compat/wordpress-6.8/ajax-actions.php';
 require __DIR__ . '/compat/wordpress-6.8/preload.php';
 require __DIR__ . '/compat/wordpress-6.8/blocks.php';
 require __DIR__ . '/compat/wordpress-6.8/functions.php';