Changeset 12632 for sites/trunk/api.wordpress.org/public_html/themes/theme-directory/1.0/index.php

Timestamp:

06/08/2023 02:34:42 AM (3 years ago)

Author:

dd32

Message:

Theme Directory: Refactor the API calls to properly query the user with favorites.

This reverts [12630] which was a quick-fix for the issue, but it was actually caused by [12600].

This refactors the API query code to avoid using jsonp requests for ease of debugging, and slims down the request to what it actually needs to query for.

File:

• sites/trunk/api.wordpress.org/public_html/themes/theme-directory/1.0/index.php (modified) (1 diff)

sites/trunk/api.wordpress.org/public_html/themes/theme-directory/1.0/index.php

@@ -18 +18 @@
 function api_send_json( $data ) {
     // Allow cross-domain calls from *.wordpress.org
-    if ( isset( $_SERVER['HTTP_ORIGIN'] ) && preg_match( '!^https?://[^.]+\.wordpress\.org/!i', $_SERVER['HTTP_ORIGIN'] ) ) {
+    if ( isset( $_SERVER['HTTP_ORIGIN'] ) && preg_match( '!^https?://([^.]+\.)?wordpress\.org/?$!i', $_SERVER['HTTP_ORIGIN'] ) ) {
         header( 'Access-Control-Allow-Origin: ' . $_SERVER['HTTP_ORIGIN'] );
+        header( 'Access-Control-Allow-Credentials: true' ); // Allow cookies to be used.
     }