The problem is that you’re not using the correct name for the REST API nonce header — the correct name is X-WP-Nonce
, but you used X-WP-Header
:
fetch('http://localhost/wptest2/?rest_route=/wp/v2/users/me', {
method : 'get',
mode : 'cors',
headers : {
'Access-Control-Allow-Origin' : '*',
'X-WP-Header' : _wpnonce // here you used the wrong name
}
})
Reference from the REST API Handbook:
For developers making manual Ajax requests, the nonce will need to be
passed with each request. The API uses nonces with the action set to
wp_rest
. These can then be passed to the API via the_wpnonce
data
parameter (either POST data or in the query for GET requests), or via
theX-WP-Nonce
header.
So make sure to use the correct header name. 🙂
Related Posts:
- Authentication with the Rest API when using an External Application
- How to delete a cookie?
- nodejs – error self signed certificate in certificate chain
- javascript set cookie with expire time
- display variable image using cookies
- jQuery $.cookie is not a function
- How do I set/unset a cookie with jQuery?
- Make Axios send cookies in its requests automatically
- How do I create and read a value from cookie?
- How do I remove documents using Node.js Mongoose?
- Get cookie by name
- How do I check if a cookie exists?
- Nonce retrieved from the REST API is invalid and different from nonce generated in wp_localize_script
- REST API: Backbone and custom endpoint
- Gutenberg custom block plugin with custom image sizes
- Get loading state of wp data selector
- How to build a plugin that supports authenticated POST requests to the REST API from external servers?
- WP REST – video and audio players
- Headless WordPress: How to authenticate front end requests?
- Post to WordPress using REST API from external site
- How to handle malformed response from WP REST API?
- Get HTTP response code on non-2xx apiFetch request
- Can’t GET draft posts via REST API from headless frontend
- Rest API invalid nonce with Backbone Client
- Logout user and delete cookies from the client side?
- WP REST API Post Status Using JavaScript
- How to transform a legacy widget into a block
- How to save generated JWT token to cookies on login?
- Get Block Attributes in JSON REST API
- Setting/unsetting terms using the Backbone JavaScript client
- Checks when fetching data from multiple REST API endpoints in Gutenberg
- Search for a keyword across post types in a Gutenberg component
- Using apiFetch for retrieving post data in Gutenberg
- How to generate the COOKIEHASH from JavaScript
- Get terms of a taxonomy using useSelect
- Return ‘X-WP-Total’ from headers in response
- How to render WP Rest-API Endpoints in a React.js Theme with Woocommerce
- Retrieving data about comments and likes
- how to use nimble-API and Display data?
- Log in user using WordPress REST API
- How to verify which WordPress user requested the API in ASP .NET Core?
- Check if user can in javascript
- wp-api Backbone JS Client fetch options
- Why does my array sort order changes when I pass it to JS using WP_REST_Response?
- Rest API and how to deal with it in server side
- Access checks with custom REST endpoints and backbone
- Console Messages: A cookie associated with a cross-site resource at
- The same session information for peer users on two different WordPress servers
- [Vue warn]: Error in render: “TypeError: Cannot read property ‘wp:featuredmedia’ of undefined – REST API
- Update block once an API request returns with a value
- Get user in rest API endpoint
- How to improve WP-Rest atrocious response time?
- How are cookie values encoded?
- I would like to retrive JSON value and display it in wordpress page or widget
- Connecting a wordpress site to an AngularJS APP
- WordPress REST API response is empty in browser and script, but not in Postman
- WP REST API – “rest_user_cannot_view” ONLY on specific users
- Rest Api WordPress
- Get Comment Text via REST API
- How to do a redirect to another route with react-router?
- Jest spy on functionality
- Use a JSON array with objects with javascript
- Toggle show/hide on click with jQuery
- How do you check if a variable is an array in JavaScript?
- When and why to ‘return false’ in JavaScript?
- In angularjs we are having ng-disabled directive, why ng-enabled directive is not provided by the framework as we are having ng-show and ng-hide
- Send POST data using XMLHttpRequest
- querySelector vs. getElementById
- Google weather widget on my website
- Node.js document is not defined
- Create table with jQuery – append
- When is JavaScript synchronous?
- How to reset a form using jQuery with .reset() method
- node-request – Getting error “SSL23_GET_SERVER_HELLO:unknown protocol”
- Count the number of occurrences of a character in a string in Javascript
- Javascript removeEventListener not working
- Load image with jQuery and append it to the DOM
- TypeError: res.json is not a function
- How to do case insensitive string comparison?
- Understanding the ngRepeat ‘track by’ expression
- How can I test if a letter in a string is uppercase or lowercase using JavaScript?
- Jest encountered an unexpected token
- How to get the first element of an array?
- Cannot read property ‘forEach’ of undefined
- JavaScript: function returning an object
- Is it Possible to Extend WP Customize JS Methods?
- Load multiple Javascript scripts
- WP script versioning breaks cross-site caching?
- How to replace a javascript select box onchange event to a form submit action?
- Add tinymce dynamically via Javascript
- How to Add Javascript Only When a Function Exists?
- TypeError: window.tinyMCE.execInstanceCommand is not a function
- event/callback on block update?
- How to disable inline css styles generated by Gutenberg editor?
- How to add “on change” to a text input in contact form7?
- How to use WP switchEditors.switchto(this) JS function in your own script?
- Landing function through URL
- Why does WordPress use cookies for /wp-admin and /wp-content/plugins for non-admin users [duplicate]
- Escaping quotes while enqueuing scripts
- How to add a new attribute to core wp block editor without npm?