get_allowed_http_origins(): string[]

In this article

Retrieve list of allowed HTTP origins.

Return

string[] Array of origin URLs.

Source

function get_allowed_http_origins() {
	$admin_origin = parse_url( admin_url() );
	$home_origin  = parse_url( home_url() );

	// @todo Preserve port?
	$allowed_origins = array_unique(
		array(
			'http://' . $admin_origin['host'],
			'https://' . $admin_origin['host'],
			'http://' . $home_origin['host'],
			'https://' . $home_origin['host'],
		)
	);

	/**
	 * Change the origin types allowed for HTTP requests.
	 *
	 * @since 3.4.0
	 *
	 * @param string[] $allowed_origins {
	 *     Array of default allowed HTTP origins.
	 *
	 *     @type string $0 Non-secure URL for admin origin.
	 *     @type string $1 Secure URL for admin origin.
	 *     @type string $2 Non-secure URL for home origin.
	 *     @type string $3 Secure URL for home origin.
	 * }
	 */
	return apply_filters( 'allowed_http_origins', $allowed_origins );
}

Hooks

apply_filters( ‘allowed_http_origins’, string[] $allowed_origins )

Change the origin types allowed for HTTP requests.

Changelog

VersionDescription
3.4.0Introduced.

User Contributed Notes

You must log in before being able to contribute a note or feedback.