have a filter to defer signature verification (#435)

This commit is contained in:
Matthias Pfefferle 2023-11-11 06:00:20 +01:00 committed by GitHub
parent 24d12de8ec
commit 6810884c52
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -89,6 +89,23 @@ class Server {
return $response;
}
/**
* Filter to defer signature verification
*
* Skip signature verification for debugging purposes or to reduce load for
* certain Activity-Types, like "Delete".
*
* @param bool $defer Whether to defer signature verification.
* @param WP_REST_Request $request The request used to generate the response.
*
* @return bool Whether to defer signature verification.
*/
$defer = \apply_filters( 'activitypub_defer_signature_verification', false, $request );
if ( $defer ) {
return $response;
}
// POST-Requets are always signed
if ( 'GET' !== $request->get_method() ) {
$verified_request = Signature::verify_http_signature( $request );