is_allowed_http_origin( string|null $origin = null ): string
Determines if the HTTP origin is an authorized one.
Parameters
$originstring|null Optional-
Origin URL. If not provided, the value of get_http_origin() is used.
Default:
null
Return
string Origin URL if allowed, empty string if not.
Source
File: wp-includes/http.php. View all references
function is_allowed_http_origin( $origin = null ) {
$origin_arg = $origin;
if ( null === $origin ) {
$origin = get_http_origin();
}
if ( $origin && ! in_array( $origin, get_allowed_http_origins(), true ) ) {
$origin = '';
}
/**
* Change the allowed HTTP origin result.
*
* @since 3.4.0
*
* @param string $origin Origin URL if allowed, empty string if not.
* @param string $origin_arg Original origin string passed into is_allowed_http_origin function.
*/
return apply_filters( 'allowed_http_origin', $origin, $origin_arg );
}
Hooks
- apply_filters( 'allowed_http_origin',
string $origin ,string $origin_arg ) -
Change the allowed HTTP origin result.
Related
Uses
| Uses | Description |
|---|---|
| get_http_origin() wp-includes/http.php | Get the HTTP Origin of the current request. |
| get_allowed_http_origins() wp-includes/http.php | Retrieve list of allowed HTTP origins. |
| apply_filters() wp-includes/plugin.php | Calls the callback functions that have been added to a filter hook. |
Used By
| Used By | Description |
|---|---|
| send_origin_headers() wp-includes/http.php | Send Access-Control-Allow-Origin and related headers if the current request is from an allowed origin. |
Changelog
| Version | Description |
|---|---|
| 3.4.0 | Introduced. |
© 2003–2022 WordPress Foundation
Licensed under the GNU GPLv2+ License.
https://developer.wordpress.org/reference/functions/is_allowed_http_origin