REST API: Allow overriding `jQuery.ajax` calls from within wp-admin
There are now 3 places where we call out to the REST API from within wp-admin. This commit introduces a small library to allow overriding these calls, centralize nonce-passing logic, and eliminate the need to pass a full REST URL down to client code (this last feature is not yet used and will be explored in a separate ticket). Fixes #40919. Built from https://develop.svn.wordpress.org/trunk@41206 git-svn-id: http://core.svn.wordpress.org/trunk@41046 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
a193916f46
commit
c91b130b53
|
@ -110,13 +110,12 @@
|
||||||
control.fetchEmbedDfd.abort();
|
control.fetchEmbedDfd.abort();
|
||||||
}
|
}
|
||||||
|
|
||||||
control.fetchEmbedDfd = jQuery.ajax({
|
control.fetchEmbedDfd = wp.apiRequest({
|
||||||
url: wp.media.view.settings.oEmbedProxyUrl,
|
url: wp.media.view.settings.oEmbedProxyUrl,
|
||||||
data: {
|
data: {
|
||||||
url: control.model.get( 'url' ),
|
url: control.model.get( 'url' ),
|
||||||
maxwidth: control.model.get( 'width' ),
|
maxwidth: control.model.get( 'width' ),
|
||||||
maxheight: control.model.get( 'height' ),
|
maxheight: control.model.get( 'height' ),
|
||||||
_wpnonce: wp.media.view.settings.nonce.wpRestApi,
|
|
||||||
discover: false
|
discover: false
|
||||||
},
|
},
|
||||||
type: 'GET',
|
type: 'GET',
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
!function(a){"use strict";var b,c,d;d=wp.media.view.MediaFrame.VideoDetails.extend({createStates:function(){this.states.add([new wp.media.controller.VideoDetails({media:this.media}),new wp.media.controller.MediaLibrary({type:"video",id:"add-video-source",title:wp.media.view.l10n.videoAddSourceTitle,toolbar:"add-video-source",media:this.media,menu:!1}),new wp.media.controller.MediaLibrary({type:"text",id:"add-track",title:wp.media.view.l10n.videoAddTrackTitle,toolbar:"add-track",media:this.media,menu:"video-details"})])}}),b=a.MediaWidgetModel.extend({}),c=a.MediaWidgetControl.extend({showDisplaySettings:!1,oembedResponses:{},mapModelToMediaFrameProps:function(b){var c,d=this;return c=a.MediaWidgetControl.prototype.mapModelToMediaFrameProps.call(d,b),c.link="embed",c},fetchEmbed:function(){var a,b=this;a=b.model.get("url"),b.oembedResponses[a]||(b.fetchEmbedDfd&&"pending"===b.fetchEmbedDfd.state()&&b.fetchEmbedDfd.abort(),b.fetchEmbedDfd=jQuery.ajax({url:wp.media.view.settings.oEmbedProxyUrl,data:{url:b.model.get("url"),maxwidth:b.model.get("width"),maxheight:b.model.get("height"),_wpnonce:wp.media.view.settings.nonce.wpRestApi,discover:!1},type:"GET",dataType:"json",context:b}),b.fetchEmbedDfd.done(function(c){b.oembedResponses[a]=c,b.renderPreview()}),b.fetchEmbedDfd.fail(function(){b.oembedResponses[a]=null}))},isHostedVideo:function(a){var b=document.createElement("a");return b.href=a,/vimeo|youtu\.?be/.test(b.host)},renderPreview:function(){var a,b,c,d,e,f,g,h=this,i=!1;c=h.model.get("attachment_id"),d=h.model.get("url"),g=h.model.get("error"),(c||d)&&(!c&&d&&(i=h.isHostedVideo(d)),i&&(h.fetchEmbed(),e=h.oembedResponses[d]?h.oembedResponses[d].thumbnail_url:null),f=h.selectedAttachment.get("mime"),f&&c&&(_.contains(_.values(wp.media.view.settings.embedMimes),f)||(g="unsupported_file_type")),a=h.$el.find(".media-widget-preview"),b=wp.template("wp-media-widget-video-preview"),a.html(b({model:{attachment_id:h.model.get("attachment_id"),src:d,poster:e},is_hosted_embed:i,error:g})),wp.mediaelement.initialize())},editMedia:function(){var a,b,c,e=this;b=e.mapModelToMediaFrameProps(e.model.toJSON()),a=new d({frame:"video",state:"video-details",metadata:b}),wp.media.frame=a,a.$el.addClass("media-widget"),c=function(a){e.selectedAttachment.set(a),e.model.set(_.extend(_.omit(e.model.defaults(),"title"),e.mapMediaToModelProps(a),{error:!1}))},a.state("video-details").on("update",c),a.state("replace-video").on("replace",c),a.on("close",function(){a.detach()}),a.open()}}),a.controlConstructors.media_video=c,a.modelConstructors.media_video=b}(wp.mediaWidgets);
|
!function(a){"use strict";var b,c,d;d=wp.media.view.MediaFrame.VideoDetails.extend({createStates:function(){this.states.add([new wp.media.controller.VideoDetails({media:this.media}),new wp.media.controller.MediaLibrary({type:"video",id:"add-video-source",title:wp.media.view.l10n.videoAddSourceTitle,toolbar:"add-video-source",media:this.media,menu:!1}),new wp.media.controller.MediaLibrary({type:"text",id:"add-track",title:wp.media.view.l10n.videoAddTrackTitle,toolbar:"add-track",media:this.media,menu:"video-details"})])}}),b=a.MediaWidgetModel.extend({}),c=a.MediaWidgetControl.extend({showDisplaySettings:!1,oembedResponses:{},mapModelToMediaFrameProps:function(b){var c,d=this;return c=a.MediaWidgetControl.prototype.mapModelToMediaFrameProps.call(d,b),c.link="embed",c},fetchEmbed:function(){var a,b=this;a=b.model.get("url"),b.oembedResponses[a]||(b.fetchEmbedDfd&&"pending"===b.fetchEmbedDfd.state()&&b.fetchEmbedDfd.abort(),b.fetchEmbedDfd=wp.apiRequest({url:wp.media.view.settings.oEmbedProxyUrl,data:{url:b.model.get("url"),maxwidth:b.model.get("width"),maxheight:b.model.get("height"),discover:!1},type:"GET",dataType:"json",context:b}),b.fetchEmbedDfd.done(function(c){b.oembedResponses[a]=c,b.renderPreview()}),b.fetchEmbedDfd.fail(function(){b.oembedResponses[a]=null}))},isHostedVideo:function(a){var b=document.createElement("a");return b.href=a,/vimeo|youtu\.?be/.test(b.host)},renderPreview:function(){var a,b,c,d,e,f,g,h=this,i=!1;c=h.model.get("attachment_id"),d=h.model.get("url"),g=h.model.get("error"),(c||d)&&(!c&&d&&(i=h.isHostedVideo(d)),i&&(h.fetchEmbed(),e=h.oembedResponses[d]?h.oembedResponses[d].thumbnail_url:null),f=h.selectedAttachment.get("mime"),f&&c&&(_.contains(_.values(wp.media.view.settings.embedMimes),f)||(g="unsupported_file_type")),a=h.$el.find(".media-widget-preview"),b=wp.template("wp-media-widget-video-preview"),a.html(b({model:{attachment_id:h.model.get("attachment_id"),src:d,poster:e},is_hosted_embed:i,error:g})),wp.mediaelement.initialize())},editMedia:function(){var a,b,c,e=this;b=e.mapModelToMediaFrameProps(e.model.toJSON()),a=new d({frame:"video",state:"video-details",metadata:b}),wp.media.frame=a,a.$el.addClass("media-widget"),c=function(a){e.selectedAttachment.set(a),e.model.set(_.extend(_.omit(e.model.defaults(),"title"),e.mapMediaToModelProps(a),{error:!1}))},a.state("video-details").on("update",c),a.state("replace-video").on("replace",c),a.on("close",function(){a.detach()}),a.open()}}),a.controlConstructors.media_video=c,a.modelConstructors.media_video=b}(wp.mediaWidgets);
|
|
@ -200,13 +200,12 @@ wp.mediaWidgets = ( function( $ ) {
|
||||||
embedLinkView.model.attributes.url = url;
|
embedLinkView.model.attributes.url = url;
|
||||||
}
|
}
|
||||||
|
|
||||||
embedLinkView.dfd = $.ajax({
|
embedLinkView.dfd = wp.apiRequest({
|
||||||
url: wp.media.view.settings.oEmbedProxyUrl,
|
url: wp.media.view.settings.oEmbedProxyUrl,
|
||||||
data: {
|
data: {
|
||||||
url: url,
|
url: url,
|
||||||
maxwidth: embedLinkView.model.get( 'width' ),
|
maxwidth: embedLinkView.model.get( 'width' ),
|
||||||
maxheight: embedLinkView.model.get( 'height' ),
|
maxheight: embedLinkView.model.get( 'height' ),
|
||||||
_wpnonce: wp.media.view.settings.nonce.wpRestApi,
|
|
||||||
discover: false
|
discover: false
|
||||||
},
|
},
|
||||||
type: 'GET',
|
type: 'GET',
|
||||||
|
|
File diff suppressed because one or more lines are too long
|
@ -0,0 +1,87 @@
|
||||||
|
/**
|
||||||
|
* Thin jQuery.ajax wrapper for WP REST API requests.
|
||||||
|
*
|
||||||
|
* Currently only applies to requests that do not use the `wp-api.js` Backbone
|
||||||
|
* client library, though this may change. Serves several purposes:
|
||||||
|
*
|
||||||
|
* - Allows overriding these requests as needed by customized WP installations.
|
||||||
|
* - Sends the REST API nonce as a request header.
|
||||||
|
* - Allows specifying only an endpoint namespace/path instead of a full URL.
|
||||||
|
*
|
||||||
|
* @namespace wp.apiRequest
|
||||||
|
* @since 4.9.0
|
||||||
|
*/
|
||||||
|
|
||||||
|
( function( $ ) {
|
||||||
|
var wpApiSettings = window.wpApiSettings;
|
||||||
|
|
||||||
|
function apiRequest( options ) {
|
||||||
|
options = apiRequest.buildAjaxOptions( options );
|
||||||
|
return apiRequest.transport( options );
|
||||||
|
};
|
||||||
|
|
||||||
|
apiRequest.buildAjaxOptions = function( options ) {
|
||||||
|
var url = options.url;
|
||||||
|
var path = options.path;
|
||||||
|
var namespaceTrimmed, endpointTrimmed;
|
||||||
|
var headers, addNonceHeader, headerName;
|
||||||
|
|
||||||
|
if (
|
||||||
|
typeof options.namespace === 'string' &&
|
||||||
|
typeof options.endpoint === 'string'
|
||||||
|
) {
|
||||||
|
namespaceTrimmed = options.namespace.replace( /^\/|\/$/g, '' );
|
||||||
|
endpointTrimmed = options.endpoint.replace( /^\//, '' );
|
||||||
|
if ( endpointTrimmed ) {
|
||||||
|
path = namespaceTrimmed + '/' + endpointTrimmed;
|
||||||
|
} else {
|
||||||
|
path = namespaceTrimmed;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if ( typeof path === 'string' ) {
|
||||||
|
url = wpApiSettings.root + path.replace( /^\//, '' );
|
||||||
|
}
|
||||||
|
|
||||||
|
// If ?_wpnonce=... is present, no need to add a nonce header.
|
||||||
|
addNonceHeader = ! ( options.data && options.data._wpnonce );
|
||||||
|
|
||||||
|
headers = options.headers || {};
|
||||||
|
|
||||||
|
// If an 'X-WP-Nonce' header (or any case-insensitive variation
|
||||||
|
// thereof) was specified, no need to add a nonce header.
|
||||||
|
if ( addNonceHeader ) {
|
||||||
|
for ( headerName in headers ) {
|
||||||
|
if ( headers.hasOwnProperty( headerName ) ) {
|
||||||
|
if ( headerName.toLowerCase() === 'x-wp-nonce' ) {
|
||||||
|
addNonceHeader = false;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( addNonceHeader ) {
|
||||||
|
// Do not mutate the original headers object, if any.
|
||||||
|
headers = $.extend( {
|
||||||
|
'X-WP-Nonce': wpApiSettings.nonce
|
||||||
|
}, headers );
|
||||||
|
}
|
||||||
|
|
||||||
|
// Do not mutate the original options object.
|
||||||
|
options = $.extend( {}, options, {
|
||||||
|
headers: headers,
|
||||||
|
url: url
|
||||||
|
} );
|
||||||
|
|
||||||
|
delete options.path;
|
||||||
|
delete options.namespace;
|
||||||
|
delete options.endpoint;
|
||||||
|
|
||||||
|
return options;
|
||||||
|
};
|
||||||
|
|
||||||
|
apiRequest.transport = $.ajax;
|
||||||
|
|
||||||
|
window.wp = window.wp || {};
|
||||||
|
window.wp.apiRequest = apiRequest;
|
||||||
|
} )( jQuery );
|
|
@ -0,0 +1 @@
|
||||||
|
!function(a){function b(a){return a=b.buildAjaxOptions(a),b.transport(a)}var c=window.wpApiSettings;b.buildAjaxOptions=function(b){var d,e,f,g,h,i=b.url,j=b.path;if("string"==typeof b.namespace&&"string"==typeof b.endpoint&&(d=b.namespace.replace(/^\/|\/$/g,""),e=b.endpoint.replace(/^\//,""),j=e?d+"/"+e:d),"string"==typeof j&&(i=c.root+j.replace(/^\//,"")),g=!(b.data&&b.data._wpnonce),f=b.headers||{},g)for(h in f)if(f.hasOwnProperty(h)&&"x-wp-nonce"===h.toLowerCase()){g=!1;break}return g&&(f=a.extend({"X-WP-Nonce":c.nonce},f)),b=a.extend({},b,{headers:f,url:i}),delete b.path,delete b.namespace,delete b.endpoint,b},b.transport=a.ajax,window.wp=window.wp||{},window.wp.apiRequest=b}(jQuery);
|
|
@ -4642,13 +4642,12 @@ EmbedLink = wp.media.view.Settings.extend({
|
||||||
url = 'https://www.youtube.com/watch?v=' + youTubeEmbedMatch[ 1 ];
|
url = 'https://www.youtube.com/watch?v=' + youTubeEmbedMatch[ 1 ];
|
||||||
}
|
}
|
||||||
|
|
||||||
this.dfd = $.ajax({
|
this.dfd = wp.apiRequest({
|
||||||
url: wp.media.view.settings.oEmbedProxyUrl,
|
url: wp.media.view.settings.oEmbedProxyUrl,
|
||||||
data: {
|
data: {
|
||||||
url: url,
|
url: url,
|
||||||
maxwidth: this.model.get( 'width' ),
|
maxwidth: this.model.get( 'width' ),
|
||||||
maxheight: this.model.get( 'height' ),
|
maxheight: this.model.get( 'height' )
|
||||||
_wpnonce: wp.media.view.settings.nonce.wpRestApi
|
|
||||||
},
|
},
|
||||||
type: 'GET',
|
type: 'GET',
|
||||||
dataType: 'json',
|
dataType: 'json',
|
||||||
|
|
File diff suppressed because one or more lines are too long
|
@ -3437,7 +3437,6 @@ function wp_enqueue_media( $args = array() ) {
|
||||||
'captions' => ! apply_filters( 'disable_captions', '' ),
|
'captions' => ! apply_filters( 'disable_captions', '' ),
|
||||||
'nonce' => array(
|
'nonce' => array(
|
||||||
'sendToEditor' => wp_create_nonce( 'media-send-to-editor' ),
|
'sendToEditor' => wp_create_nonce( 'media-send-to-editor' ),
|
||||||
'wpRestApi' => wp_create_nonce( 'wp_rest' ),
|
|
||||||
),
|
),
|
||||||
'post' => array(
|
'post' => array(
|
||||||
'id' => 0,
|
'id' => 0,
|
||||||
|
|
|
@ -133,6 +133,14 @@ function wp_default_scripts( &$scripts ) {
|
||||||
'broken' => __('An unidentified error has occurred.')
|
'broken' => __('An unidentified error has occurred.')
|
||||||
) );
|
) );
|
||||||
|
|
||||||
|
$scripts->add( 'wp-api-request', "/wp-includes/js/api-request$suffix.js", array( 'jquery' ), false, 1 );
|
||||||
|
// `wpApiSettings` is also used by `wp-api`, which depends on this script.
|
||||||
|
did_action( 'init' ) && $scripts->localize( 'wp-api-request', 'wpApiSettings', array(
|
||||||
|
'root' => esc_url_raw( get_rest_url() ),
|
||||||
|
'nonce' => ( wp_installing() && ! is_multisite() ) ? '' : wp_create_nonce( 'wp_rest' ),
|
||||||
|
'versionString' => 'wp/v2/',
|
||||||
|
) );
|
||||||
|
|
||||||
$scripts->add( 'wp-pointer', "/wp-includes/js/wp-pointer$suffix.js", array( 'jquery-ui-widget', 'jquery-ui-position' ), '20111129a', 1 );
|
$scripts->add( 'wp-pointer', "/wp-includes/js/wp-pointer$suffix.js", array( 'jquery-ui-widget', 'jquery-ui-position' ), '20111129a', 1 );
|
||||||
did_action( 'init' ) && $scripts->localize( 'wp-pointer', 'wpPointerL10n', array(
|
did_action( 'init' ) && $scripts->localize( 'wp-pointer', 'wpPointerL10n', array(
|
||||||
'dismiss' => __('Dismiss'),
|
'dismiss' => __('Dismiss'),
|
||||||
|
@ -566,17 +574,12 @@ function wp_default_scripts( &$scripts ) {
|
||||||
|
|
||||||
// To enqueue media-views or media-editor, call wp_enqueue_media().
|
// To enqueue media-views or media-editor, call wp_enqueue_media().
|
||||||
// Both rely on numerous settings, styles, and templates to operate correctly.
|
// Both rely on numerous settings, styles, and templates to operate correctly.
|
||||||
$scripts->add( 'media-views', "/wp-includes/js/media-views$suffix.js", array( 'utils', 'media-models', 'wp-plupload', 'jquery-ui-sortable', 'wp-mediaelement' ), false, 1 );
|
$scripts->add( 'media-views', "/wp-includes/js/media-views$suffix.js", array( 'utils', 'media-models', 'wp-plupload', 'jquery-ui-sortable', 'wp-mediaelement', 'wp-api-request' ), false, 1 );
|
||||||
$scripts->add( 'media-editor', "/wp-includes/js/media-editor$suffix.js", array( 'shortcode', 'media-views' ), false, 1 );
|
$scripts->add( 'media-editor', "/wp-includes/js/media-editor$suffix.js", array( 'shortcode', 'media-views' ), false, 1 );
|
||||||
$scripts->add( 'media-audiovideo', "/wp-includes/js/media-audiovideo$suffix.js", array( 'media-editor' ), false, 1 );
|
$scripts->add( 'media-audiovideo', "/wp-includes/js/media-audiovideo$suffix.js", array( 'media-editor' ), false, 1 );
|
||||||
$scripts->add( 'mce-view', "/wp-includes/js/mce-view$suffix.js", array( 'shortcode', 'jquery', 'media-views', 'media-audiovideo' ), false, 1 );
|
$scripts->add( 'mce-view', "/wp-includes/js/mce-view$suffix.js", array( 'shortcode', 'jquery', 'media-views', 'media-audiovideo' ), false, 1 );
|
||||||
|
|
||||||
$scripts->add( 'wp-api', "/wp-includes/js/wp-api$suffix.js", array( 'jquery', 'backbone', 'underscore' ), false, 1 );
|
$scripts->add( 'wp-api', "/wp-includes/js/wp-api$suffix.js", array( 'jquery', 'backbone', 'underscore', 'wp-api-request' ), false, 1 );
|
||||||
did_action( 'init' ) && $scripts->localize( 'wp-api', 'wpApiSettings', array(
|
|
||||||
'root' => esc_url_raw( get_rest_url() ),
|
|
||||||
'nonce' => ( wp_installing() && ! is_multisite() ) ? '' : wp_create_nonce( 'wp_rest' ),
|
|
||||||
'versionString' => 'wp/v2/',
|
|
||||||
) );
|
|
||||||
|
|
||||||
if ( is_admin() ) {
|
if ( is_admin() ) {
|
||||||
$scripts->add( 'admin-tags', "/wp-admin/js/tags$suffix.js", array( 'jquery', 'wp-ajax-response' ), false, 1 );
|
$scripts->add( 'admin-tags', "/wp-admin/js/tags$suffix.js", array( 'jquery', 'wp-ajax-response' ), false, 1 );
|
||||||
|
@ -669,12 +672,12 @@ function wp_default_scripts( &$scripts ) {
|
||||||
$scripts->add( 'admin-gallery', "/wp-admin/js/gallery$suffix.js", array( 'jquery-ui-sortable' ) );
|
$scripts->add( 'admin-gallery', "/wp-admin/js/gallery$suffix.js", array( 'jquery-ui-sortable' ) );
|
||||||
|
|
||||||
$scripts->add( 'admin-widgets', "/wp-admin/js/widgets$suffix.js", array( 'jquery-ui-sortable', 'jquery-ui-draggable', 'jquery-ui-droppable' ), false, 1 );
|
$scripts->add( 'admin-widgets', "/wp-admin/js/widgets$suffix.js", array( 'jquery-ui-sortable', 'jquery-ui-draggable', 'jquery-ui-droppable' ), false, 1 );
|
||||||
$scripts->add( 'media-widgets', "/wp-admin/js/widgets/media-widgets$suffix.js", array( 'jquery', 'media-models', 'media-views' ) );
|
$scripts->add( 'media-widgets', "/wp-admin/js/widgets/media-widgets$suffix.js", array( 'jquery', 'media-models', 'media-views', 'wp-api-request' ) );
|
||||||
$scripts->add_inline_script( 'media-widgets', 'wp.mediaWidgets.init();', 'after' );
|
$scripts->add_inline_script( 'media-widgets', 'wp.mediaWidgets.init();', 'after' );
|
||||||
|
|
||||||
$scripts->add( 'media-audio-widget', "/wp-admin/js/widgets/media-audio-widget$suffix.js", array( 'media-widgets', 'media-audiovideo' ) );
|
$scripts->add( 'media-audio-widget', "/wp-admin/js/widgets/media-audio-widget$suffix.js", array( 'media-widgets', 'media-audiovideo' ) );
|
||||||
$scripts->add( 'media-image-widget', "/wp-admin/js/widgets/media-image-widget$suffix.js", array( 'media-widgets' ) );
|
$scripts->add( 'media-image-widget', "/wp-admin/js/widgets/media-image-widget$suffix.js", array( 'media-widgets' ) );
|
||||||
$scripts->add( 'media-video-widget', "/wp-admin/js/widgets/media-video-widget$suffix.js", array( 'media-widgets', 'media-audiovideo' ) );
|
$scripts->add( 'media-video-widget', "/wp-admin/js/widgets/media-video-widget$suffix.js", array( 'media-widgets', 'media-audiovideo', 'wp-api-request' ) );
|
||||||
$scripts->add( 'text-widgets', "/wp-admin/js/widgets/text-widgets$suffix.js", array( 'jquery', 'backbone', 'editor', 'wp-util', 'wp-a11y' ) );
|
$scripts->add( 'text-widgets', "/wp-admin/js/widgets/text-widgets$suffix.js", array( 'jquery', 'backbone', 'editor', 'wp-util', 'wp-a11y' ) );
|
||||||
$scripts->add_inline_script( 'text-widgets', 'wp.textWidgets.init();', 'after' );
|
$scripts->add_inline_script( 'text-widgets', 'wp.textWidgets.init();', 'after' );
|
||||||
|
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
*
|
*
|
||||||
* @global string $wp_version
|
* @global string $wp_version
|
||||||
*/
|
*/
|
||||||
$wp_version = '4.9-alpha-41205';
|
$wp_version = '4.9-alpha-41206';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
|
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
|
||||||
|
|
Loading…
Reference in New Issue