A WordPress-centric search engine for devs and theme authors



rest_send_allow_header ›

Since4.4.0
Deprecatedn/a
rest_send_allow_header ( $response, $server, $request )
Parameters: (3)
  • (WP_REST_Response) $response Current response being served.
    Required: Yes
  • (WP_REST_Server) $server ResponseHandler instance (usually WP_REST_Server).
    Required: Yes
  • (WP_REST_Request) $request The request that was used to make current response.
    Required: Yes
Returns:
  • (WP_REST_Response) Response to be served, with "Allow" header if route has allowed methods.
Defined at:
Codex:

Sends the "Allow" header to state all methods that can be sent to the current route.



Source

function rest_send_allow_header( $response, $server, $request ) {
	$matched_route = $response->get_matched_route();

	if ( ! $matched_route ) {
		return $response;
	}

	$routes = $server->get_routes();

	$allowed_methods = array();

	// Get the allowed methods across the routes.
	foreach ( $routes[ $matched_route ] as $_handler ) {
		foreach ( $_handler['methods'] as $handler_method => $value ) {

			if ( ! empty( $_handler['permission_callback'] ) ) {

				$permission = call_user_func( $_handler['permission_callback'], $request );

				$allowed_methods[ $handler_method ] = true === $permission;
			} else {
				$allowed_methods[ $handler_method ] = true;
			}
		}
	}

	// Strip out all the methods that are not allowed (false values).
	$allowed_methods = array_filter( $allowed_methods );

	if ( $allowed_methods ) {
		$response->header( 'Allow', implode( ', ', array_map( 'strtoupper', array_keys( $allowed_methods ) ) ) );
	}

	return $response;
}