Oauth parameters with Underscores in header names being dropped | WordPress.org

Wp Fan & Coder
(@facetop)

6 years, 4 months ago

Hi,

I have struggled with passing final parameters in headers of request to WP API with Oauth credentials.

What I have discovered that parameters with Underscores in header names are being filtered away (dropped ie removed).

Then I found this:
This was introduced to prevent cross-site-scripting attacks via header injection. Headers containing invalid characters (including underscores) are now silently dropped!

Here is the link:
https://github.com/requests/requests/issues/1292

Easiest fix is to remove _ underscore from parameter names from Oauth1 plugin!

Could please respond fast to this issue, because this plugin is not finished, and WP community should be aware of this!

Thank you and waiting for your fast response.

The page I need help with: [log in to see the link]

The topic ‘Oauth parameters with Underscores in header names being dropped’ is closed to new replies.

In: Plugins
0 replies
1 participant
Last reply from: Wp Fan & Coder
Last activity: 6 years, 4 months ago
Status: not resolved