Reports remain in spinner state after V4.9.6

  • Resolved himaartjp

    (@himaartwp)


    10 months ago

    Using the code on the reference page below, we are restricting access to the REST API while excluding specific plugins.

    https://takayakondo.com/rest-api-invalid/

    Starting from version 4.9.6, when you open the report screen, no information can be retrieved and it remains in the spinner state.

    This does not occur in version 4.9.5, and is probably due to some specification change after 4.9.6.

    No matter if I specify to exclude the REST API endpoint “dlm_download…” which is displayed as an error in the console, or if I specify to exclude the plugin directory “download-monitor”, the problem persists. I am worried that the issue has not been resolved.

    If you stop restricting this code, the report will be displayed instantly, but I would like to maintain the REST API access restriction, so I am posting this post to ask you to tell me how I can remove it.

    Currently, we have reverted to version 4.9.5 and are operating the code with it enabled, and there are no problems with its operation, so we would appreciate it if you could test it when you have time.

    (I’m not an English-speaking person, so I’m using a translation tool to translate the questions into English before asking, so I apologize if there are any parts that are difficult to understand.)

    Thank you

Viewing 7 replies - 1 through 7 (of 7 total)
  • Thread Starter himaartjp

    (@himaartwp)

    This is an additional message.

    I checked the differences between v4.9.5 and v4.9.6 on the page below.

    https://plugins.trac.www.ads-software.com/changeset?old_path=%2Fdownload-monitor&old=3013187&new_path=%2Fdownload-monitor&new=3025008&sfp_email=&sfph_mail=

    When I tried undoing the code below that was changed in “download-monitor/trunk/src/Admin/Reports/class-dlm-reports.php”, I found that regardless of whether or not the REST API restrictions are applied, The report was displayed successfully.

    v4.9.5

    $rest_rout_downloadscpt = rest_url( 'wp/v2/dlm_download' . $separator . '_fields=' . implode( ',', $cpt_fields ) . '&_wpnonce=' . wp_create_nonce( 'wp_rest' ) . $current_user_can );

    v4.9.6

    $rest_rout_downloadscpt = rest_url( 'wp/v2/dlm_download' . $separator . '_fields=' . implode( ',', $cpt_fields ) . $current_user_can );

    The URL that returns the error “Failed to load resource: the server responded with a status of 401 ()” in the console also seems to point to this description as shown below.

    [URL of the REST API page where the error is returned]

https:mydomain/wp-json/wp/v2/dlm_download?_fields=author,id,title,slug&user_can_view_reports=1

    At the same time, the following error message is also displayed on the console.

    Uncaught (in promise) Error: Something went wrong! Reports response did not come OK - 
    at DLM_Reports.fetchDownloadsCPT (reports.min.js?ver=4.9.7:1:39235)

    I would appreciate it if this could be a clue to a solution.

    Plugin Author Razvan Aldea

    (@raldea89)

    Hello,

    The https:mydomain/wp-json/wp/v2/ is part of the WordPress REST routes, and looking from the errors you are receiving seems that indeed that the WP’s REST route is locked. We did not made any modifications to that call, only to the call you specified above.

    I am curios if you are allowing calls to https:mydomain/wp-json/wp/v2/ or not. Also, could you please let me know when did you put the restrictions or if you changed something recently?

    Warmly,
    Razvan

    Thread Starter himaartjp

    (@himaartwp)

    thank you for your reply.

    The introduced code denies access to “https:mydomain/wp-json/wp/v2/” and excludes (passes through) only those that match “$route_namespace” registered in “register_rest_route”. (I’m sorry I don’t know much about REST API).

    Therefore, accessing “https:mydomain/wp-json/wp/v2/” will be refused.

    I’ve been using this code for quite some time and haven’t had any problems.
    What is currently excluded (passed)
    “Contact Form 7” plugin
    “oembed”
    “Jetpack” plugin
    “Redirection” plugin
    And only in the block editor, it’s working fine.

    I would like to somehow achieve both, but since this is a problem with code outside the plug-in (third party), if it seems difficult, please feel free to tell me that it is not supported.

    thank you

    Plugin Author Razvan Aldea

    (@raldea89)

    Could you add the wp/v2/dlm_download to the exclusions list and see if the problem goes away? I am not quite sure how you made the code to limit access for the REST API ( only partially understood what was in the example page you gave ), but from the looks of it the following code should work:

    if( strpos( $namespaces, 'wp/v2/dlm_download' ) === 1 ){
return $result;
}

    Warmly,
    Razvan

    Thread Starter himaartjp

    (@himaartwp)

    thank you for your reply.

    From what I can understand, I think that something like the page below (cannot access because login cannot be determined) is related.

    https://qiita.com/shima0218/items/d9f7d11bc6712f5e45f9

    Since this is a story on the management screen side, it seems like the access is being denied because you don’t have permission to access the REST API (as evidence, other accesses are checked with Nonce and are passed without any problems).

    It seems to be a special case only for me, so I will try to revert the code each time to deal with it.

    Thank You

    Thread Starter himaartjp

    (@himaartwp)

    I added the code you suggested and it seems to be working fine now.

    if( strpos( $namespaces, '
wp/v2/dlm_download
' ) === 1 ){
return $result;
}

    I apologize to you for a fuss over.

    thank you very much.

    Plugin Author Razvan Aldea

    (@raldea89)

    No problem, I am glad that the problem is solved ??

    Have a wonderful day!
    Razvan

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘Reports remain in spinner state after V4.9.6’ is closed to new replies.