科技改变生活-雨落星辰 - 所有的伟大,都源于一个勇敢的开始

    最新消息:雨落星辰是一个专注网站SEO优化、网站SEO诊断、搜索引擎研究、网络营销推广、网站策划运营及站长类的自媒体原创博客
    你的位置: 首页>programmer>wp list table - How to remove _wp_http_referer from URL when using WP_List_table?

    wp list table - How to remove _wp_http_referer from URL when using WP_List_table?

    programmeradmin34浏览0评论

    I have built a plugin that displays a table using the WP_List_Table class. The table displays entries on which it's possible to apply a filter and some bulk actions.

    The problem is that when I click on the "filter" button or "apply bulk action" button multiple times, the _wp_http_referer paramater is added to the URL and keeps being longer and longer each time I click on the button.

    Eventually the URL is so long that I get a blank page in the browser with the following error message: 

    Request-URI Too Large
The requested URL's length exceeds the capacity limit for this server.

    I think I have set up the filter and bulk action select menus properly inside a simple form tag:

    form action method="get"

    The same problem seems to have been described here: How to stop _wpnonce and _wp_http_referer from appearing in URL. I am facing the same issue and wondering if someone would have any idea how to remove the _wp_http_referer paramater from the URL after clicking on my form action buttons.

    Thanks

    I have built a plugin that displays a table using the WP_List_Table class. The table displays entries on which it's possible to apply a filter and some bulk actions.

    The problem is that when I click on the "filter" button or "apply bulk action" button multiple times, the _wp_http_referer paramater is added to the URL and keeps being longer and longer each time I click on the button.

    Eventually the URL is so long that I get a blank page in the browser with the following error message: 

    Request-URI Too Large
The requested URL's length exceeds the capacity limit for this server.

    I think I have set up the filter and bulk action select menus properly inside a simple form tag:

    form action method="get"

    The same problem seems to have been described here: How to stop _wpnonce and _wp_http_referer from appearing in URL. I am facing the same issue and wondering if someone would have any idea how to remove the _wp_http_referer paramater from the URL after clicking on my form action buttons.

    Thanks

    • wp-list-table
    Share Improve this question edited Apr 13, 2017 at 12:37 CommunityBot 1 asked Jan 11, 2013 at 0:16 VincentVincent 1871 gold badge1 silver badge8 bronze badges
    Add a comment  | 

    6 Answers 6

    Reset to default 6

    As the last commenter on that Q suggested, you should probably check for actions, remove the query args and redirect. Something like:

    $doaction = $wp_list_table->current_action();
if ( $doaction && isset( $_REQUEST['SOMEVAR'] ) ) {
    // do stuff
} elseif ( ! empty( $_GET['_wp_http_referer'] ) ) {
    wp_redirect( remove_query_arg( array( '_wp_http_referer', '_wpnonce' ), stripslashes( $_SERVER['REQUEST_URI'] ) ) );
    exit;
}

    Let me help you! Overwrite the parent method display_tablenav of WP_List_Table class removing the wp_nonce_field execution.

    /**
 * Generates the table navigation above or bellow the table and removes the
 * _wp_http_referrer and _wpnonce because it generates a error about URL too large
 * 
 * @param string $which 
 * @return void
 */
function display_tablenav( $which ) 
{
    ?>
    <div class="tablenav <?php echo esc_attr( $which ); ?>">

        <div class="alignleft actions">
            <?php $this->bulk_actions(); ?>
        </div>
        <?php
        $this->extra_tablenav( $which );
        $this->pagination( $which );
        ?>
        <br class="clear" />
    </div>
    <?php
}

    Give the following script in footer or any common js

    setTimeout(function() { jQuery( "input[name*='_wp_http_referer']" ).remove(); }, 500);

    The accepted answer is the best way to do it, but if the List Table appears on a custom admin page, you're going to run into headers already sent errors.

    The best I can come up with is to detect a nested _wp_http_referer on admin_init and do the redirect there.

    add_action( 'admin_init', 'wpse_80112' );

function wpse_80112() {

    // If we're on an admin page with the referer passed in the QS, prevent it nesting and becoming too long.
    global $pagenow;

        if( 'admin.php' === $pagenow && isset( $_GET['_wp_http_referer'] ) && preg_match( '/_wp_http_referer/', $_GET['_wp_http_referer'] ) ) :
            wp_redirect( remove_query_arg( array( '_wp_http_referer', '_wpnonce' ), wp_unslash( $_SERVER['REQUEST_URI'] ) ) );
            exit;
        endif;

}

    Be aware of the timing of your code. If you handle the list table actions after this hook (e.g. within your list table class), then there is a risk of redirect before the action is executed - and therefore will be ignored and need a second request. Be sure to handle this in your own implementation as and how appropriate.

    You may consider using the load-{page-hook} action to handle actions, where {page-hook} is the return from your add_submenu_page (or similar) call.

    I know this is an old question but i setteled for a modified version of Sijo Thomas Maprayil's awnser

    jQuery("input[name='_wp_http_referer'], input[name='_wpnonce']").remove();

    No need for a timeout as long as the script is executed below the search box.

    I wonder why these fields even get added if wordpress does a redirect to get rid of them again. Very sub optimal to say the least.

    Here is the code that does the trick:

    public function strip_wp_http_referrer () {
    $current_url = "http://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]";

    if (strpos($current_url, '_wp_http_referer') !== false) {
        $new_url = remove_query_arg( array( '_wp_http_referer', '_wpnonce' ), stripslashes($current_url));
        wp_redirect ($new_url);
    }
}