WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
WordPress/wp-includes/rest-api
History
Rachel Baker 99cca27041 REST API: Create the general `wp_check_jsonp_callback()` function for validating JSONP callback functions. 
Move the REST API JSONP callback validation check into a separate function named `wp_check_jsonp_callback()`. This allows plugins to use the built-in validation when handling JSONP callbacks.
Extremely Important Note: If you send JSONP in your custom response, make sure you prefix the response with `/**/`. This will mitigate the Rosetta Flash exploit. You should also send the `X-Content-Type-Options:nosniff` header, or even better, use the REST API infrastructure.

Props rmccue.
Fixes #28523.
Built from https://develop.svn.wordpress.org/trunk@37646


git-svn-id: http://core.svn.wordpress.org/trunk@37612 1a063a9b-81f0-0310-95a4-ce76da25c4cd
 		2016-06-06 21:34:28 +00:00
..
class-wp-rest-request.php Docs: Standardize hook docs in wp-includes/rest-api/* to use third-person singular verbs per the inline documentation standards for PHP. 2016-05-22 18:08:29 +00:00
class-wp-rest-response.php Docs: Standardize hook docs in wp-includes/rest-api/* to use third-person singular verbs per the inline documentation standards for PHP. 2016-05-22 18:08:29 +00:00
class-wp-rest-server.php REST API: Create the general `wp_check_jsonp_callback()` function for validating JSONP callback functions. 2016-06-06 21:34:28 +00:00