You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I see the two filters in the documentation. Does it mean that if they are set, only the fields with the options enabled in the backend should show / be editable through the REST API?
// Enable the option show in restadd_filter( 'acf/rest_api/field_settings/show_in_rest', '__return_true' );
// Enable the option edit in restadd_filter( 'acf/rest_api/field_settings/edit_in_rest', '__return_true' );
I have added the filters and I see some of the ACF fields show when doing a wp/v2/users request under 'acf', even though their options are not enabled. Is that expected?
The text was updated successfully, but these errors were encountered:
Couple years later, and this is still a pretty big bug. Our ACF fields can contain sensitive data, so this is a pretty nasty security hole. My issue is popping up on an ACF Options page, unsure if that matters..
I see the two filters in the documentation. Does it mean that if they are set, only the fields with the options enabled in the backend should show / be editable through the REST API?
I have added the filters and I see some of the ACF fields show when doing a wp/v2/users request under 'acf', even though their options are not enabled. Is that expected?
The text was updated successfully, but these errors were encountered: