From a790c4535709a614475007621cd77fd535d68379 Mon Sep 17 00:00:00 2001 From: George Mamadashvili <georgemamadashvili@gmail.com> Date: Wed, 11 Dec 2024 11:17:42 +0400 Subject: [PATCH] Try: Return error when session is missing for REST nonce refresh --- lib/compat/wordpress-6.8/ajax-actions.php | 22 ++++++++++++++++++++++ lib/load.php | 1 + 2 files changed, 23 insertions(+) create mode 100644 lib/compat/wordpress-6.8/ajax-actions.php diff --git a/lib/compat/wordpress-6.8/ajax-actions.php b/lib/compat/wordpress-6.8/ajax-actions.php new file mode 100644 index 00000000000000..24388b7f3b911c --- /dev/null +++ b/lib/compat/wordpress-6.8/ajax-actions.php @@ -0,0 +1,22 @@ +<?php +/** + * Temporary compatibility shims for Core Ajax handlers. + * + * @package gutenberg + */ + +/** + * Handles renewing the REST API nonce via AJAX. + * + * @since 5.3.0 + * @since 6.8.0 Returns error when session token is missing. + */ +function gutenberg_ajax_rest_nonce() { + $token = wp_get_session_token(); + if ( empty( $token ) ) { + wp_send_json_error( null, rest_authorization_required_code() ); + } + + exit( wp_create_nonce( 'wp_rest' ) ); +} +add_action( 'wp_ajax_rest-nonce', 'gutenberg_ajax_rest_nonce', 0 ); diff --git a/lib/load.php b/lib/load.php index 371f9c54e5fc4a..68fb07f329686e 100644 --- a/lib/load.php +++ b/lib/load.php @@ -95,6 +95,7 @@ function gutenberg_is_experiment_enabled( $name ) { require __DIR__ . '/compat/wordpress-6.7/post-formats.php'; // WordPress 6.8 compat. +require __DIR__ . '/compat/wordpress-6.8/ajax-actions.php'; require __DIR__ . '/compat/wordpress-6.8/preload.php'; require __DIR__ . '/compat/wordpress-6.8/blocks.php'; require __DIR__ . '/compat/wordpress-6.8/functions.php';