Fix handling responses to form submissions from an AMP Cache #1382
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* Include AMP caches among the allowed redirect hosts. * Send CORS headers and handle XHR requests in classic mode in addition to native/paired mode. * Add Access-Control-Allow-Credentials:true and Vary:origin headers
|
For reviewing, you'll want to look at the commit after the first (i.e. 1870954), since the first commit is just the code re-org. |
|
For testing: amp.zip (v1.0-beta2-18709544-20180830T041312Z) |
westonruter
requested review from
hellofromtonya and
amedina
and removed request for
hellofromtonya
amedina
reviewed
Aug 30, 2018
| // Ensure that purge_amp_query_vars() didn't execute. | ||
| $this->assertTrue( isset( $_REQUEST['__amp_source_origin'] ) ); // WPCS: CSRF ok. | ||
| $this->assertFalse( has_action( 'widgets_init', array( self::TESTED_CLASS, 'register_widgets' ) ) ); | ||
| $this->assertFalse( has_action( 'widgets_init', array( self::TESTED_CLASS, 'register_widgets' ) ) ); |
amedina
approved these changes
Aug 30, 2018
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
It turns out that submitting a form from a page on an AMP cache is currently failing with the plugin. An error
The reason is that the plugin was not sending back the proper CORS response headers as detailed in the CORS in AMP docs. In particular, the
Access-Control-Allow-Originheader was not being sent, and theOriginchecking was not taking into the AMP Cache domains.In this PR:
AMP_Theme_Supportand the entirety ofAMP_Response_Headersto form a new classAMP_HTTP.allowed_redirect_hostsso thatwp_validate_redirect()will allow such origins.Access-Control-Allow-Credentials:trueandVary:originresponse headers.Access-Control-Expose-Headersresponse headers.To test this, you need to have the code deployed publicly and then access your site on the AMP cache, specifically a page that has a contact form on it. For an easy way to determine the AMP Cache URL for any given URL, see https://ampbyexample.com/advanced/using_the_google_amp_cache/#amp-cache-url-format
Fixes #1356.