Hi @dovich
Thank you for using our plugin!
The rest_send_cors_headers() function is an almost exact copy of the same function from the WordPress core (wp-includes/rest-api.php). So if you are having problems with our plugin I would think you would also have problems when using the default REST API provided by WordPress? And if so I would say it is a problem with your nginx configuration?
Could you confirm you are having the same problems when not using our plugin?
Thread Starter
dovich
(@dovich)
Hi, Richard.
Thank you for your plugin!
I completely forgot tell you about a “little” detail – default WP rest headers is disbled, and it’s possible directly from my code: remove_filter( 'rest_pre_serve_request', 'rest_send_cors_headers' );
So there is no problem with my nginx configuration, and all headers are controled by nginx (production necessity).
I just asked you about the possibility to somehow disable sending headers in your plugin – be it a filter or an option in the admin panel.
Thank you.
Hi @dovich
Sorry for the late reply.
Ok, that is clear. We will add a filter in our next release, allowing you to disable the sending of the CORS headers (wp_rest_cache/disable_cors_headers).
Hi @dovich
Sorry, it took a bit longer than intended, but we just released a new version of our plugin which includes the mentioned filter.
Thread Starter
dovich
(@dovich)
Thank you, Richard. I really appreciate your work.
Hi, I appreciate a lot the CORS update but unfortunately, I am not able to make it works properly.
I’m adding the line apply_filters( 'wp_rest_cache/disable_cors_headers', true ) inside my functions.php but nothing change, I still have a header duplication.
Can you kindly explain what I am doing wrong? Thanks a lot.
Hi @lorenzocroccolino
Thank you for using our plugin!
First of all you have to use the function add_filter instead of apply_filters and second you have to actually return a value. So in your case you could use this:
add_filter( 'wp_rest_cache/disable_cors_headers', '__return_true' );
Hi @rockfire
I’ve just tried your snippet but it doesn’t work, I received two header access-control-allow-origin
function initCors( $value , $requestUri = null ) {
header_remove("Access-Control-Allow-Origin");
return $value;
}
add_action( 'rest_api_init', function()
{
remove_filter( 'rest_pre_serve_request','rest_send_cors_headers' );
add_filter( 'rest_pre_serve_request', initCors);
},
15 );
add_filter( 'wp_rest_cache/disable_cors_headers', '__return_false' );
@matteocollina
Oops '__return_false' should have been '__return_true', my mistake. I have changed my previous message to correct this error.
@rockfire sorry but it doesn’t work also with __return_true
Hi @matteocollina
Did you clear your cache before retrying (after adding the code)?
Hi @rockfire .
Yes I cleared the entire cache.
I follow this steps:
1- Added add_filter( 'wp_rest_cache/disable_cors_headers', '__return_true' ); to plugin.php
2- Cleared the cache with Clear Rest Cache button.
3- Get the URL the first time and it works without cache (I have in the response headers only access-control-allow-origin: *)
4- Get the same URL the second time and it doesn’t work (I have two access-control-allow-origin header: * and http://www.mydomain.com)
@matteocollina
It is no good when you try to answer questions too quickly π One small detail I forgot to mention is that you cannot use this filter from a theme or plugin, sorry for that. Our plugin loads as a must use plugin in order to be able to hook into the REST API as soon as possible and skip any loading of themes and/or plugins is a cache is found. Because of this your code isn’t executed if a cache is found, so to use this hook you would have to create a mu-plugin which is loaded before our mu-plugin (i.e. it should alfabetically be before wp-rest-cache).
So the simplest solution would be to create a file disable-cors-headers.php in the directory /wp-content/mu-plugins and put the add_filter code inside it.
@rockfire You right man! It works, thank you very much!
