headers - Read For Learn

Getting “Cannot modify header information – headers already sent” error on wp-admin only whenever any plugin is activated

Error Diagnosis: The first Error: PHP Warning: An unexpected error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the <a href=”https://wordpress.org/support/”>support forums</a>. (WordPress could not establish a secure connection to WordPress.org. Please contact your server administrator.) in /Applications/MAMP/htdocs/site-url.com/wp-includes/update.php on line 306 This is basically … Read more

How can I get wp_head() as a string instead of echoing it?

You can use PHP’s output buffering. WIth this you can write a wrapper for the get_head() function function wpse251841_wp_head() { ob_start(); wp_head(); return ob_get_clean(); } You can then use this as $data = array( ‘wpHead’ => wpse251841_wp_head(), ‘postContent’ => $post->post_content, ‘postContentFiltered’ => apply_filters( ‘the_content’, $post->post_content ) ); Reference: Output Control Functions

Override json encoding in rest api

It should be enough to add the content disposition field. But specifically it’s Content-Disposition not Content-disposition I would also add some validation to your filename parameter thats being passed to file_get_contents to ensure it exists and it’s valid. Else you might be vulnerable to directory traversal attacks or remote URL requests

Hook for URL Request

Actually, my recommendation would be to do things a bit differently. You can add a custom rewrite endpoint to WordPress to handle these files specifically. For example, the URL http://site.com/download-xml/the_filename would automatically download the specified file as an attachment. First, you need to add a custom rewrite endpoint to set this up: function add_endpoint() { … Read more

Clarity needed on usage of multiple 403 forbidden header() functions at the beginning of the plugin files

The proper way to send a status (when WordPress is not available) is: http_response_code( 403 ); See the PHP Manual for its definition. But in Plugin files, this should never be the “default” code on top of a file header. See Worthwhile to restrict direct access of theme files? for a discussion. In WordPress, use … Read more

Custom endpoint and X-WP-TotalPages (headers)

I had a quick look and here’s how the headers are set in the WP_REST_Posts_Controller::get_items() method: $response = rest_ensure_response( $posts ); // … $response->header( ‘X-WP-Total’, (int) $total_posts ); $response->header( ‘X-WP-TotalPages’, (int) $max_pages ); // … return $response; where: $total_posts = $posts_query->found_posts; and we could use as @jshwlkr suggested: $max_pages = $posts_query->max_num_pages; You could emulate that … Read more

Loading different JS for http and https

If you link to the JS file just using something like //examplesite.com/js/jsfile.js without the http:// or https:// the browser should automatically get the correct http or https version

How to set custom cookies before output

Depends on whether or not you need to check against WordPress’ user authentication. If you need to know whether they’re a logged in user, hook onto ‘init’. Otherwise, the sooner the better. If it’s something that should fire on every page load, and only checks for existence of the cookie and doesn’t need to tap … Read more

Is it safe to fix Access-Control-Allow-Origin (CORS origin) errors with a php header directive?

Yes, you open your site to being requested via AJAX to any other script in the whole web. It would be better if you limit the origin to one specific remote domain from which you are consuming the API, like this example: header(“Access-Control-Allow-Origin: http://mozilla.com”); However as the mozilla documentation states, a client can fork the … Read more

How to prevent wordpress from loading old versions of jquery in wp_head();?

add_action(‘wp_enqueue_scripts’, ‘no_more_jquery’); function no_more_jquery(){ wp_deregister_script(‘jquery’); } That will deregister jquery. But why wouldn’t you want jQuery at all? If you mean to simply use your own, you should do it in that function, like this: add_action(‘wp_enqueue_scripts’, ‘no_more_jquery’); function no_more_jquery(){ wp_deregister_script(‘jquery’); wp_register_script(‘jquery’, “http” . ($_SERVER[‘SERVER_PORT’] == 443 ? “s” : “”) . “://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js”, false, null); wp_enqueue_script(‘jquery’); … Read more

+ More