REST API: Return the proper status code for failed permission callbacks in WP_REST_Server->dispatch().
Use the rest_authorization_required_code() function to return a 401 status code when a permission callback fails due to a user not being logged in. Merges [42421] to the 4.9 branch. Props jaswrks. Fixes #42828. Built from https://develop.svn.wordpress.org/branches/4.9@42422 git-svn-id: http://core.svn.wordpress.org/branches/4.9@42253 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
af4f4f860e
commit
25bfff959f
|
@ -908,7 +908,7 @@ class WP_REST_Server {
|
|||
if ( is_wp_error( $permission ) ) {
|
||||
$response = $permission;
|
||||
} elseif ( false === $permission || null === $permission ) {
|
||||
$response = new WP_Error( 'rest_forbidden', __( 'Sorry, you are not allowed to do that.' ), array( 'status' => 403 ) );
|
||||
$response = new WP_Error( 'rest_forbidden', __( 'Sorry, you are not allowed to do that.' ), array( 'status' => rest_authorization_required_code() ) );
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue