How to handle OPTIONS request in remote REST-API acess

  • beshoy

    (@beshoy)


    5 years, 7 months ago

    Ajax request uses OPTIONS request as “preflight”, but it’s being blocked for unauthorized access and the actual call with post or get that is hold the authorization Bearer + token is not done.

    Is there a solution for this?

    • This topic was modified 5 years, 7 months ago by beshoy.
    • This topic was modified 5 years, 7 months ago by beshoy.
Viewing 1 replies (of 1 total)
  • hypermotion

    (@hypermotion)

    5 years, 1 month ago

    I solved this issue by adding in file
    plugin.php
    just before last if !$is_allowed return new WP_ERROR block an override that checks for request method (lines 38/39)

    $is_allowed = preg_match($regex_checker, $request->get_route());
$is_allowed = apply_filters('reqauth/is_allowed', $is_allowed);

// extra code block
if ($request->get_method() === 'OPTIONS') {
    $is_allowed = true;
}

if (!$is_allowed) {
    return new WP_Error('rest_not_logged_in', __('You are not currently logged in.'), array('status' => 401));
}
Viewing 1 replies (of 1 total)
  • The topic ‘How to handle OPTIONS request in remote REST-API acess’ is closed to new replies.