科技改变生活-雨落星辰 - 所有的伟大,都源于一个勇敢的开始

    最新消息:雨落星辰是一个专注网站SEO优化、网站SEO诊断、搜索引擎研究、网络营销推广、网站策划运营及站长类的自媒体原创博客
    你的位置: 首页>programmer>javascript - WordPress REST API Authentication Using Fetch - Stack Overflow

    javascript - WordPress REST API Authentication Using Fetch - Stack Overflow

    programmeradmin5浏览0评论

    I'm attempting to use cookie authentication for WordPress REST API access using the Fetch API, however the auth is failing with the following error.

    403: Cookie Nonce is Invalid

    I'm using the following script to connect to the API.

    const headers = new Headers({
   'Content-Type': 'application/json',
   'X-WP-Nonce': WPAPI.nonce
});  

fetch(WPAPI.root + 'my-endpoint/upload/', {
    method: 'POST',
    headers: headers,
    body: JSON.stringify(data)
})

    When I switch from using Fetch to XMLHttpRequest it works as expected.

    let request = new XMLHttpRequest();
request.open('POST', WPAPI.root + 'my-endpoint/upload/', true);
request.setRequestHeader('X-WP-Nonce', WPAPI.nonce);
request.setRequestHeader('Content-Type', 'application/json');
request.send(JSON.stringify(data));

    Is it possible there an issue with the way headers are being sent in the Fetch method?

    I'm attempting to use cookie authentication for WordPress REST API access using the Fetch API, however the auth is failing with the following error.

    403: Cookie Nonce is Invalid

    I'm using the following script to connect to the API.

    const headers = new Headers({
   'Content-Type': 'application/json',
   'X-WP-Nonce': WPAPI.nonce
});  

fetch(WPAPI.root + 'my-endpoint/upload/', {
    method: 'POST',
    headers: headers,
    body: JSON.stringify(data)
})

    When I switch from using Fetch to XMLHttpRequest it works as expected.

    let request = new XMLHttpRequest();
request.open('POST', WPAPI.root + 'my-endpoint/upload/', true);
request.setRequestHeader('X-WP-Nonce', WPAPI.nonce);
request.setRequestHeader('Content-Type', 'application/json');
request.send(JSON.stringify(data));

    Is it possible there an issue with the way headers are being sent in the Fetch method?

    • javascript
    • php
    • wordpress
    • cookies
    • wordpress-rest-api
    Share Improve this question asked Sep 13, 2017 at 18:05 Darren CooneyDarren Cooney 1,0602 gold badges16 silver badges25 bronze badges
    Add a ment  | 

    3 Answers 3

    Reset to default 6

    WordPress nonce authentication requires the use of cookies and by default Fetch doesn't send those along. You can use the credentials option to make this work:

    fetch(endpoint, {
  credentials: 'same-origin'
})

    https://github./github/fetch#sending-cookies

    Came across my post from 4 years ago looking for the same issue :) This solves the problem.

    const response = await fetch(url, {
    method: 'POST',
    credentials: 'same-origin',
    headers: {
        'Content-Type': 'application/json',
        'X-WP-Nonce' : my_var.nonce
    },
    body: JSON.stringify(data),
});
const content = await response.json();
console.log(content);

    Late, but maybe helpful for other readers as I added code specifically for fetch() promise according to this question.

    WordPress uses nonce automatically within their cookies, as I found out.

    WordPress: version 5.7.2
    PHP: version 7.4
    host: hostmonster.
    client: Windows 10
    browsers: tested on Chrome, Firefox, even Edge

    与本文相关的文章

    发布评论

    评论列表(0)

    1. 暂无评论