apply_filters( 'rest_allowed_cors_headers', string[] $allow_headers )

Filters the list of request headers that are allowed for REST API CORS requests.

Description

The allowed headers are passed to the browser to specify which headers can be passed to the REST API. By default, we allow the Content-* headers needed to upload files to the media endpoints.
As well as the Authorization and Nonce headers for allowing authentication.

Parameters

$allow_headers string[]: The list of request headers to allow.

Source

File: wp-includes/rest-api/class-wp-rest-server.php. View all references

$allow_headers = apply_filters( 'rest_allowed_cors_headers', $allow_headers );

Used By

Used By	Description
WP_REST_Server::serve_request() wp-includes/rest-api/class-wp-rest-server.php	Handles serving a REST API request.

Changelog

Version	Description
5.5.0	Introduced.

© 2003–2022 WordPress Foundation
Licensed under the GNU GPLv2+ License.
https://developer.wordpress.org/reference/hooks/rest_allowed_cors_headers

Docs

Docs4dev

Title here