is_allowed_http_origin

Determines if the HTTP origin is an authorized one.

Description

(string) is_allowed_http_origin( (null) $origin = null ); 

Returns (string)

Origin URL if allowed, empty string if not.

Parameters (1)

0. $origin — Optional. (null) => null
Origin URL. If not provided, the value of get_http_origin() is used.

Usage

  1. if ( !function_exists( 'is_allowed_http_origin' ) ) { 
  2. require_once ABSPATH . WPINC . '/http.php'; 
  3.  
  4. // Origin URL. If not provided, the value of get_http_origin() is used. 
  5. $origin = null; 
  6.  
  7. // NOTICE! Understand what this does before running. 
  8. $result = is_allowed_http_origin($origin); 
  9.  

Defined (1)

The function is defined in the following location(s).

/wp-includes/http.php  
  1. function is_allowed_http_origin( $origin = null ) { 
  2. $origin_arg = $origin; 
  3.  
  4. if ( null === $origin ) 
  5. $origin = get_http_origin(); 
  6.  
  7. if ( $origin && ! in_array( $origin, get_allowed_http_origins() ) ) 
  8. $origin = ''; 
  9.  
  10. /** 
  11. * Change the allowed HTTP origin result. 
  12. * @since 3.4.0 
  13. * @param string $origin Origin URL if allowed, empty string if not. 
  14. * @param string $origin_arg Original origin string passed into is_allowed_http_origin function. 
  15. */ 
  16. return apply_filters( 'allowed_http_origin', $origin, $origin_arg );