Skip to content

Commit

Permalink
Add the capability check to the preview endpoint to prevent it from b…
Browse files Browse the repository at this point in the history
…eing accessible to unauthenticated users
  • Loading branch information
ingeniumed committed Jun 4, 2024
1 parent 4284d1e commit 91e88ac
Show file tree
Hide file tree
Showing 3 changed files with 6 additions and 3 deletions.
3 changes: 3 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,8 @@
# Changelog

## 1.9.7
* Add a capability check to the preview endpoint, to prevent unauthenticated users from accessing it

## 1.9.6

* Revert #597, restoring `get_fields_for_render()` that is being used in some implementations (#639)
Expand Down
2 changes: 1 addition & 1 deletion classes/class-wpcom-liveblog-rest-api.php
Original file line number Diff line number Diff line change
Expand Up @@ -180,12 +180,12 @@ public static function register_routes() {
array(
'methods' => WP_REST_Server::CREATABLE,
'callback' => array( __CLASS__, 'format_preview_entry' ),
'permission_callback' => array( 'WPCOM_Liveblog', 'current_user_can_edit_liveblog' ),
'args' => array(
'entry_content' => array(
'required' => true,
),
),
'permission_callback' => '__return_true',
)
);

Expand Down
4 changes: 2 additions & 2 deletions liveblog.php
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
* Plugin Name: Liveblog
* Plugin URI: http://wordpress.org/extend/plugins/liveblog/
* Description: Empowers website owners to provide rich and engaging live event coverage to a large, distributed audience.
* Version: 1.9.6
* Version: 1.9.7
* Author: WordPress.com VIP, Big Bite Creative and contributors
* Author URI: https://github.com/Automattic/liveblog/graphs/contributors
* Text Domain: liveblog
Expand All @@ -26,7 +26,7 @@
final class WPCOM_Liveblog {

/** Constants *************************************************************/
const VERSION = '1.9.6';
const VERSION = '1.9.7';
const REWRITES_VERSION = 1;
const MIN_WP_VERSION = '4.4';
const MIN_WP_REST_API_VERSION = '4.4';
Expand Down

0 comments on commit 91e88ac

Please sign in to comment.