Hallo 🙂
The REST API is a way that your site makes information available to others via JSON (a machine-readable format).
There are various default endpoints for the API.
The API can also be extended.
That error message means that one of the REST API endpoints your site uses, isn’t doing a permissions check.
This isn’t necessarily a security issue, but you should check if the information displayed at the endpoint is supposed to be public.
Hope this helps.
The error is coming from a plugin or theme which needs to be updated. Look through your plugins or themes for something that might be called “nv”.
In the meantime, this is a Notice only, so ask your host how to properly disable the “display_errors” setting in your PHP install.
My Friends: Thanks for the kind and helpful words. My nv theme (neve) is already running the running the latest version so still not sure how to correct this other than to notify the theme provider of the issue and see if they can fix it.
Please notify the theme provider 🙂
You can also refer them to the REST API channel on Slack, if they are unsure.
This error message was added specifically to help make sites more private (and in some cases, a lot safer).
Again, this does not necessarily mean that there is a problem, as the information may need to be public, but it is something that the developer should check.
If it is intended to be public, they should add __return_true to the function – that will remove the warning message.
I will follow this helpful advice and thank u for being good wp stewards for help with this issue.
-
This reply was modified 5 years, 10 months ago by
jasonsahli.
@jasonsahli The Neve theme has a class called Pagination. Inside that class, they have a method called register_endpoints. Inside the Pagination->register_endpoints() method they are calling the register_rest_route function, and in the arguments they pass to it they don’t include a permission_callback as the error you’re getting mentions.
Judging from their code, the callback they are performing doesn’t get any private data so they can simply add this line in their arguments to make it work properly:
'permission_callback' => '__return_true',
So the end code on that method would look like this:
public function register_endpoints() {
register_rest_route(
'nv/v1/posts',
'/page/(?P<page_number>\d+)/',
array(
'methods' => \WP_REST_Server::CREATABLE,
'callback' => array( $this, 'get_posts' ),
'permission_callback' => '__return_true'
)
);
}
You can contact your theme theme-author with that information so they can fix it. 🙂
thank you very much you helped me a lot
.
