First draft at hook to control wp-cron.php endpoint. #10438
Conversation
|
The following accounts have interacted with this PR and/or linked issues. I will continue to update these lists as activity occurs. You can also manually ask me to refresh this list by adding the Core Committers: Use this line as a base for the props when committing in SVN: To understand the WordPress project's expectations around crediting contributors, please review the Contributor Attribution page in the Core Handbook. |
Test using WordPress PlaygroundThe changes in this pull request can previewed and tested using a WordPress Playground instance. WordPress Playground is an experimental project that creates a full WordPress instance entirely within the browser. Some things to be aware of
For more details about these limitations and more, check out the Limitations page in the WordPress Playground documentation. |
| /** This filter is documented in wp-includes/default-constants.php */ | ||
| if ( ! apply_filters( 'wp_cron_endpoint_enabled', true ) ) { | ||
| if ( ! headers_sent() ) { | ||
| header( 'X-WP-Cron: Bypass' ); |
There was a problem hiding this comment.
Instead of a custom header, what about:
| header( 'X-WP-Cron: Bypass' ); | |
| status_header( 403 ); |
There was a problem hiding this comment.
I'm happy to do this if batcache caches 403 responses (pending adding output to the page, as discussed on the ticket).
| header( 'Expires: Wed, 11 Jan 1984 05:00:00 GMT' ); | ||
| header( 'Cache-Control: no-cache, must-revalidate, max-age=0' ); |
There was a problem hiding this comment.
Can't these headers be left right here? They're now sent in two different places below.
There was a problem hiding this comment.
There's a slight change: if requests are bypassed the no-caching headers aren't sent as it's safe to cache the endpoint as it doesn't need to hit the database.
| header( 'Expires: Wed, 11 Jan 1984 05:00:00 GMT' ); | ||
| header( 'Cache-Control: no-cache, must-revalidate, max-age=0' ); | ||
| } | ||
| die(); |
There was a problem hiding this comment.
This would seem like a good place to send status_header( 400 ). I'm not sure when this ! empty( $_POST ) || defined( 'DOING_AJAX' ) || defined( 'DOING_CRON' ) condition would happen normally.
| if ( ! headers_sent() ) { | ||
| header( 'Expires: Wed, 11 Jan 1984 05:00:00 GMT' ); | ||
| header( 'Cache-Control: no-cache, must-revalidate, max-age=0' ); | ||
| header( 'X-WP-Cron: Spawned' ); |
There was a problem hiding this comment.
Instead of sending this here, what if below where it does:
if ( empty( $crons ) ) {
die();
}It could be changed to:
if ( empty( $crons ) ) {
status_header( 304 );
die();
} else {
status_header( 200 );
}There was a problem hiding this comment.
I'm unsure. It's still a successful request if the cron array is empty, it just happens that there are no jobs to spawn. It would also require the DB request be made before the fast finish.
Co-authored-by: Weston Ruter <[email protected]>
The new GitHub PR UI doesn't include batch commit anymore. Dandy. Co-authored-by: Weston Ruter <[email protected]>
2 participants
wp_cron_endpoint_enabled.DISABLE_WP_CRONis defined and set to false if the endpoint is disabled.Trac ticket: https://core.trac.wordpress.org/ticket/64157
This Pull Request is for code review only. Please keep all other discussion in the Trac ticket. Do not merge this Pull Request. See GitHub Pull Requests for Code Review in the Core Handbook for more details.