|
@@ 592-599 (lines=8) @@
|
| 589 |
|
// Hack to preserve $HTTP_RAW_POST_DATA |
| 590 |
|
add_filter( 'xmlrpc_methods', array( $this, 'xmlrpc_methods' ) ); |
| 591 |
|
|
| 592 |
|
if ( $this->verify_xml_rpc_signature() ) { |
| 593 |
|
// The actual API methods. |
| 594 |
|
add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'xmlrpc_methods' ) ); |
| 595 |
|
} else { |
| 596 |
|
// The jetpack.authorize method should be available for unauthenticated users on a site with an |
| 597 |
|
// active Jetpack connection, so that additional users can link their account. |
| 598 |
|
add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'authorize_xmlrpc_methods' ) ); |
| 599 |
|
} |
| 600 |
|
} else { |
| 601 |
|
// The bootstrap API methods. |
| 602 |
|
add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'bootstrap_xmlrpc_methods' ) ); |
|
@@ 600-608 (lines=9) @@
|
| 597 |
|
// active Jetpack connection, so that additional users can link their account. |
| 598 |
|
add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'authorize_xmlrpc_methods' ) ); |
| 599 |
|
} |
| 600 |
|
} else { |
| 601 |
|
// The bootstrap API methods. |
| 602 |
|
add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'bootstrap_xmlrpc_methods' ) ); |
| 603 |
|
|
| 604 |
|
if ( $this->verify_xml_rpc_signature() ) { |
| 605 |
|
// the jetpack Provision method is available for blog-token-signed requests |
| 606 |
|
add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'provision_xmlrpc_methods' ) ); |
| 607 |
|
} |
| 608 |
|
} |
| 609 |
|
|
| 610 |
|
// Now that no one can authenticate, and we're whitelisting all XML-RPC methods, force enable_xmlrpc on. |
| 611 |
|
add_filter( 'pre_option_enable_xmlrpc', '__return_true' ); |
Automattic /
jetpack
