@@ 567-574 (lines=8) @@ | ||
564 | add_filter( 'xmlrpc_methods', array( $this, 'xmlrpc_methods' ) ); |
|
565 | ||
566 | $signed = $this->verify_xml_rpc_signature(); |
|
567 | if ( $signed && ! is_wp_error( $signed ) ) { |
|
568 | // The actual API methods. |
|
569 | add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'xmlrpc_methods' ) ); |
|
570 | } else { |
|
571 | // The jetpack.authorize method should be available for unauthenticated users on a site with an |
|
572 | // active Jetpack connection, so that additional users can link their account. |
|
573 | add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'authorize_xmlrpc_methods' ) ); |
|
574 | } |
|
575 | } else { |
|
576 | // The bootstrap API methods. |
|
577 | add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'bootstrap_xmlrpc_methods' ) ); |
|
@@ 575-583 (lines=9) @@ | ||
572 | // active Jetpack connection, so that additional users can link their account. |
|
573 | add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'authorize_xmlrpc_methods' ) ); |
|
574 | } |
|
575 | } else { |
|
576 | // The bootstrap API methods. |
|
577 | add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'bootstrap_xmlrpc_methods' ) ); |
|
578 | $signed = $this->verify_xml_rpc_signature(); |
|
579 | if ( $signed && ! is_wp_error( $signed ) ) { |
|
580 | // the jetpack Provision method is available for blog-token-signed requests |
|
581 | add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'provision_xmlrpc_methods' ) ); |
|
582 | } |
|
583 | } |
|
584 | ||
585 | // Now that no one can authenticate, and we're whitelisting all XML-RPC methods, force enable_xmlrpc on. |
|
586 | add_filter( 'pre_option_enable_xmlrpc', '__return_true' ); |