From 0ad2271d88205811f94d62fe234190f9a3d7d5c4 Mon Sep 17 00:00:00 2001 From: Robert O'Rourke Date: Thu, 27 Jan 2022 17:57:27 +0000 Subject: [PATCH] Forward Authorization to global content repo When using HTTP Basic Auth with the global media feature the requests would fail as the Auth header is missing. This forwards the auth header if found. Fixes #377 --- inc/global_content/namespace.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/inc/global_content/namespace.php b/inc/global_content/namespace.php index 81757d7..e1c0f88 100644 --- a/inc/global_content/namespace.php +++ b/inc/global_content/namespace.php @@ -396,5 +396,11 @@ function filter_global_content_requests_for_auth( array $parsed_args, string $ur ] ); }, $_COOKIE, array_keys( $_COOKIE ) ); + // Check for Auth header and forward it, for Basic Auth feature support. + if ( ! isset( $parsed_args['headers']['Authorization'] ) && ! empty( $_SERVER['HTTP_AUTHORIZATION'] ) ) { + // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotSanitized + $parsed_args['headers']['Authorization'] = wp_unslash( $_SERVER['HTTP_AUTHORIZATION'] ); + } + return $parsed_args; }