WC_REST_Authentication::get_authorization_header()

Get the authorization header.

Contents

Description Description

On certain systems and configurations, the Authorization header will be stripped out by the server or PHP. Typically this is then used to generate PHP_AUTH_USER/PHP_AUTH_PASS but not passed on. We use getallheaders here to try and grab it out instead.

Return Return

(string) Authorization header if set.

Top ↑

Source Source

File: includes/class-wc-rest-authentication.php 

	public function get_authorization_header() {
		if ( ! empty( $_SERVER['HTTP_AUTHORIZATION'] ) ) {
			return wp_unslash( $_SERVER['HTTP_AUTHORIZATION'] ); // WPCS: sanitization ok.
		}

		if ( function_exists( 'getallheaders' ) ) {
			$headers = getallheaders();
			// Check for the authoization header case-insensitively.
			foreach ( $headers as $key => $value ) {
				if ( 'authorization' === strtolower( $key ) ) {
					return $value;
				}
			}
		}

		return '';
	}

Expand full source code Collapse full source code

Top ↑

Changelog Changelog

Changelog
Version Description
3.0.0 Introduced.

Top ↑

Top ↑

User Contributed Notes User Contributed Notes

You must log in before being able to contribute a note or feedback.