W3cubDocs

/WordPress

get_allowed_http_origins()

Retrieve list of allowed HTTP origins.

Return

(string[]) Array of origin URLs.

Source

File: wp-includes/http.php 

function get_allowed_http_origins() {
	$admin_origin = parse_url( admin_url() );
	$home_origin  = parse_url( home_url() );

	// @todo Preserve port?
	$allowed_origins = array_unique(
		array(
			'http://' . $admin_origin['host'],
			'https://' . $admin_origin['host'],
			'http://' . $home_origin['host'],
			'https://' . $home_origin['host'],
		)
	);

	/**
	 * Change the origin types allowed for HTTP requests.
	 *
	 * @since 3.4.0
	 *
	 * @param string[] $allowed_origins {
	 *     Array of default allowed HTTP origins.
	 *
	 *     @type string $0 Non-secure URL for admin origin.
	 *     @type string $1 Secure URL for admin origin.
	 *     @type string $2 Non-secure URL for home origin.
	 *     @type string $3 Secure URL for home origin.
	 * }
	 */
	return apply_filters( 'allowed_http_origins', $allowed_origins );
}

Uses

Uses Description
wp-includes/link-template.php: admin_url()

Retrieves the URL to the admin area for the current site.
wp-includes/link-template.php: home_url()

Retrieves the URL for the current site where the front end is accessible.
wp-includes/http.php: allowed_http_origins

Change the origin types allowed for HTTP requests.
wp-includes/plugin.php: apply_filters()

Calls the callback functions that have been added to a filter hook.

Used By

Used By Description
wp-includes/http.php: is_allowed_http_origin()

Determines if the HTTP origin is an authorized one.

Changelog

Version Description
3.4.0 Introduced.

© 2003–2019 WordPress Foundation
Licensed under the GNU GPLv2+ License.
https://developer.wordpress.org/reference/functions/get_allowed_http_origins