How to handle OPTIONS request in remote REST-API acess

  • Ajax request uses OPTIONS request as “preflight”, but it’s being blocked for unauthorized access and the actual call with post or get that is hold the authorization Bearer + token is not done.

    Is there a solution for this?

    • This topic was modified 6 years, 2 months ago by beshoy.
    • This topic was modified 6 years, 2 months ago by beshoy.
Viewing 1 replies (of 1 total)

  • I solved this issue by adding in file
    plugin.php
    just before last if !$is_allowed return new WP_ERROR block an override that checks for request method (lines 38/39)

    $is_allowed = preg_match($regex_checker, $request->get_route());
$is_allowed = apply_filters('reqauth/is_allowed', $is_allowed);

// extra code block
if ($request->get_method() === 'OPTIONS') {
    $is_allowed = true;
}

if (!$is_allowed) {
    return new WP_Error('rest_not_logged_in', __('You are not currently logged in.'), array('status' => 401));
}
Viewing 1 replies (of 1 total)
  • The topic ‘How to handle OPTIONS request in remote REST-API acess’ is closed to new replies.