get_allowed_http_origins() WordPress Function

The get_allowed_http_origins() function is used to get the list of origins allowed for cross-domain requests. This function is useful for making sure that cross-domain requests are only made to trusted origins.

get_allowed_http_origins() #

Retrieve list of allowed HTTP origins.

Contents

Return

(string[]) Array of origin URLs.

Top ↑

Source

File: wp-includes/http.php

415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
function get_allowed_http_origins() {
    $admin_origin = parse_url( admin_url() );
    $home_origin  = parse_url( home_url() );
 
    // @todo Preserve port?
    $allowed_origins = array_unique(
        array(
            'http://' . $admin_origin['host'],
            'https://' . $admin_origin['host'],
            'http://' . $home_origin['host'],
            'https://' . $home_origin['host'],
        )
    );
 
    /**
     * Change the origin types allowed for HTTP requests.
     *
     * @since 3.4.0
     *
     * @param string[] $allowed_origins {
     *     Array of default allowed HTTP origins.
     *
     *     @type string $0 Non-secure URL for admin origin.
     *     @type string $1 Secure URL for admin origin.
     *     @type string $2 Non-secure URL for home origin.
     *     @type string $3 Secure URL for home origin.
     * }
     */
    return apply_filters( 'allowed_http_origins', $allowed_origins );
}

Expand full source codeCollapse full source codeView on TracView on GitHub

Top ↑

Top ↑

Uses

Uses
UsesDescription
wp-includes/link-template.php:admin_url()

Retrieves the URL to the admin area for the current site.

wp-includes/link-template.php:home_url()

Retrieves the URL for the current site where the front end is accessible.

wp-includes/http.php:allowed_http_origins

Change the origin types allowed for HTTP requests.

wp-includes/plugin.php:apply_filters()

Calls the callback functions that have been added to a filter hook.

Top ↑

Changelog

Changelog
VersionDescription
3.4.0Introduced.
Download the latest version of WordPress from https://wordpress.org/

The content displayed on this page has been created in part by processing WordPress source code files which are made available under the GPLv2 (or a later version) license by the Free Software Foundation. In addition to this, the content includes user-written examples and information. All material is subject to review and curation by the WPPaste.com community.