|
@@ 76-83 (lines=8) @@
|
| 73 |
|
// Hack to preserve $HTTP_RAW_POST_DATA. |
| 74 |
|
add_filter( 'xmlrpc_methods', array( $this, 'xmlrpc_methods' ) ); |
| 75 |
|
|
| 76 |
|
if ( $this->verify_xml_rpc_signature() ) { |
| 77 |
|
// The actual API methods. |
| 78 |
|
add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'xmlrpc_methods' ) ); |
| 79 |
|
} else { |
| 80 |
|
// The jetpack.authorize method should be available for unauthenticated users on a site with an |
| 81 |
|
// active Jetpack connection, so that additional users can link their account. |
| 82 |
|
add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'authorize_xmlrpc_methods' ) ); |
| 83 |
|
} |
| 84 |
|
} else { |
| 85 |
|
new XMLRPC_Connector( $this ); |
| 86 |
|
|
|
@@ 84-94 (lines=11) @@
|
| 81 |
|
// active Jetpack connection, so that additional users can link their account. |
| 82 |
|
add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'authorize_xmlrpc_methods' ) ); |
| 83 |
|
} |
| 84 |
|
} else { |
| 85 |
|
new XMLRPC_Connector( $this ); |
| 86 |
|
|
| 87 |
|
// The bootstrap API methods. |
| 88 |
|
add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'bootstrap_xmlrpc_methods' ) ); |
| 89 |
|
|
| 90 |
|
if ( $this->verify_xml_rpc_signature() ) { |
| 91 |
|
// The jetpack Provision method is available for blog-token-signed requests. |
| 92 |
|
add_filter( 'xmlrpc_methods', array( $this->xmlrpc_server, 'provision_xmlrpc_methods' ) ); |
| 93 |
|
} |
| 94 |
|
} |
| 95 |
|
|
| 96 |
|
// Now that no one can authenticate, and we're whitelisting all XML-RPC methods, force enable_xmlrpc on. |
| 97 |
|
add_filter( 'pre_option_enable_xmlrpc', '__return_true' ); |
Automattic /
jetpack
