diff --git a/wp-includes/rest-api/auth/class-wp-rest-key-pair.php b/wp-includes/rest-api/auth/class-wp-rest-key-pair.php index df47258..0181c6d 100644 --- a/wp-includes/rest-api/auth/class-wp-rest-key-pair.php +++ b/wp-includes/rest-api/auth/class-wp-rest-key-pair.php @@ -80,7 +80,7 @@ public static function get_rest_uri() { $prefix = rest_get_url_prefix(); } - return sprintf( '/%s/%s/%s', $prefix, self::_NAMESPACE_, self::_REST_BASE_ ); + return sprintf( '%s/%s/%s/%s', get_home_url(), $prefix, self::_NAMESPACE_, self::_REST_BASE_ ); } /** diff --git a/wp-includes/rest-api/auth/class-wp-rest-token.php b/wp-includes/rest-api/auth/class-wp-rest-token.php index 4b67d02..4682768 100644 --- a/wp-includes/rest-api/auth/class-wp-rest-token.php +++ b/wp-includes/rest-api/auth/class-wp-rest-token.php @@ -762,6 +762,14 @@ public function get_auth_header() { $header = sanitize_text_field( $_SERVER['REDIRECT_HTTP_AUTHORIZATION'] ); } + //Maybe apache? + if( function_exists('apache_request_headers') ) { + $headers = apache_request_headers(); + if (! $header && is_array($headers) && isset($headers['Authorization'])) { + $header = sanitize_text_field( $headers['Authorization'] ); + } + } + // The HTTP Authorization Header is missing, return an error. if ( ! $header ) { return new WP_Error(