@@ 578-585 (lines=8) @@ | ||
575 | add_filter( 'xmlrpc_methods', array( $this, 'xmlrpc_methods' ) ); |
|
576 | ||
577 | $signed = $this->verify_xml_rpc_signature(); |
|
578 | if ( $signed && ! is_wp_error( $signed ) ) { |
|
579 | // The actual API methods. |
|
580 | add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'xmlrpc_methods' ) ); |
|
581 | } else { |
|
582 | // The jetpack.authorize method should be available for unauthenticated users on a site with an |
|
583 | // active Jetpack connection, so that additional users can link their account. |
|
584 | add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'authorize_xmlrpc_methods' ) ); |
|
585 | } |
|
586 | } else { |
|
587 | // The bootstrap API methods. |
|
588 | add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'bootstrap_xmlrpc_methods' ) ); |
|
@@ 586-594 (lines=9) @@ | ||
583 | // active Jetpack connection, so that additional users can link their account. |
|
584 | add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'authorize_xmlrpc_methods' ) ); |
|
585 | } |
|
586 | } else { |
|
587 | // The bootstrap API methods. |
|
588 | add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'bootstrap_xmlrpc_methods' ) ); |
|
589 | $signed = $this->verify_xml_rpc_signature(); |
|
590 | if ( $signed && ! is_wp_error( $signed ) ) { |
|
591 | // the jetpack Provision method is available for blog-token-signed requests |
|
592 | add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'provision_xmlrpc_methods' ) ); |
|
593 | } |
|
594 | } |
|
595 | ||
596 | // Now that no one can authenticate, and we're whitelisting all XML-RPC methods, force enable_xmlrpc on. |
|
597 | add_filter( 'pre_option_enable_xmlrpc', '__return_true' ); |