Scripts: Assign api-fetch nonce with corrected rest_nonce.

As of `@wordpress/[email protected]` (introduced in 44812), the `apiFetch` nonce middleware must have its nonce value assigned explicitly, and will no longer listen for heartbeat ticks automatically. This changeset adds an inline script for the default registration of the `api-fetch` script handle to assign the nonce value in response to the heartbeat action. In doing so, it removes the now-unused, misnamed `rest-nonce` property from the heartbeat response, whose original introduction served as temporary compatibility with earlier versions of `@wordpress/api-fetch`. See WordPress/gutenberg#13451 See #45113 Props adamsilverstein, nerrad . Fixes #46107 . git-svn-id: http://develop.svn.wordpress.org/trunk@44949 602fd350-edb4-49c9-b593-d223f7449a82
cjk4wp · Mar 20, 2019 · 63dbfbb · 63dbfbb
1 parent be15f33
commit 63dbfbb
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 3 deletions.
diff --git a/src/wp-admin/includes/misc.php b/src/wp-admin/includes/misc.php
@@ -1082,8 +1082,6 @@ function wp_refresh_post_nonces( $response, $data, $screen_id ) {
 function wp_refresh_heartbeat_nonces( $response ) {
 	// Refresh the Rest API nonce.
 	$response['rest_nonce'] = wp_create_nonce( 'wp_rest' );
-	// TEMPORARY: Compat with api-fetch library
-	$response['rest-nonce'] = $response['rest_nonce'];
 
 	// Refresh the Heartbeat nonce.
 	$response['heartbeat_nonce'] = wp_create_nonce( 'heartbeat-nonce' );

diff --git a/src/wp-includes/script-loader.php b/src/wp-includes/script-loader.php
@@ -521,10 +521,30 @@ function wp_default_packages_scripts( &$scripts ) {
 function wp_default_packages_inline_scripts( &$scripts ) {
 	global $wp_locale;
 
+	if ( isset( $scripts->registered['wp-api-fetch'] ) ) {
+		$scripts->registered['wp-api-fetch']->deps[] = 'wp-hooks';
+	}
 	$scripts->add_inline_script(
 		'wp-api-fetch',
 		sprintf(
-			'wp.apiFetch.use( wp.apiFetch.createNonceMiddleware( "%s" ) );',
+			implode(
+				"\n",
+				array(
+					'( function() {',
+					'	var nonceMiddleware = wp.apiFetch.createNonceMiddleware( "%s" );',
+					'	wp.apiFetch.use( nonceMiddleware );',
+					'	wp.hooks.addAction(',
+					'		"heartbeat.tick",',
+					'		"core/api-fetch/create-nonce-middleware",',
+					'		function( response ) {',
+					'			if ( response[ "rest_nonce" ] ) {',
+					'				nonceMiddleware.nonce = response[ "rest_nonce" ];',
+					'			}',
+					'		}',
+					'	);',
+					'} )();',
+				)
+			),
 			( wp_installing() && ! is_multisite() ) ? '' : wp_create_nonce( 'wp_rest' )
 		),
 		'after'