From 94fe8fce078adad187159139e94bb5aba1e8893c Mon Sep 17 00:00:00 2001 From: Sebastian Echeverry Date: Wed, 5 Jun 2019 21:12:20 -0500 Subject: [PATCH] Fix bugs for a multisite environment. Use get_home_url to creat the rest URI. Use apache_request_header in case $_SERVER didn't retrieve it. --- wp-includes/rest-api/auth/class-wp-rest-key-pair.php | 2 +- wp-includes/rest-api/auth/class-wp-rest-token.php | 8 ++++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/wp-includes/rest-api/auth/class-wp-rest-key-pair.php b/wp-includes/rest-api/auth/class-wp-rest-key-pair.php index df47258..0181c6d 100644 --- a/wp-includes/rest-api/auth/class-wp-rest-key-pair.php +++ b/wp-includes/rest-api/auth/class-wp-rest-key-pair.php @@ -80,7 +80,7 @@ public static function get_rest_uri() { $prefix = rest_get_url_prefix(); } - return sprintf( '/%s/%s/%s', $prefix, self::_NAMESPACE_, self::_REST_BASE_ ); + return sprintf( '%s/%s/%s/%s', get_home_url(), $prefix, self::_NAMESPACE_, self::_REST_BASE_ ); } /** diff --git a/wp-includes/rest-api/auth/class-wp-rest-token.php b/wp-includes/rest-api/auth/class-wp-rest-token.php index 4b67d02..4682768 100644 --- a/wp-includes/rest-api/auth/class-wp-rest-token.php +++ b/wp-includes/rest-api/auth/class-wp-rest-token.php @@ -762,6 +762,14 @@ public function get_auth_header() { $header = sanitize_text_field( $_SERVER['REDIRECT_HTTP_AUTHORIZATION'] ); } + //Maybe apache? + if( function_exists('apache_request_headers') ) { + $headers = apache_request_headers(); + if (! $header && is_array($headers) && isset($headers['Authorization'])) { + $header = sanitize_text_field( $headers['Authorization'] ); + } + } + // The HTTP Authorization Header is missing, return an error. if ( ! $header ) { return new WP_Error(