is_allowed_http_origin - Documentation

WordPress Version: 6.1

/**
 * Determines if the HTTP origin is an authorized one.
 *
 * @since 3.4.0
 *
 * @param string|null $origin Origin URL. If not provided, the value of get_http_origin() is used.
 * @return string Origin URL if allowed, empty string if not.
 */
function is_allowed_http_origin($origin = null)
{
    $origin_arg = $origin;
    if (null === $origin) {
        $origin = get_http_origin();
    }
    if ($origin && !in_array($origin, get_allowed_http_origins(), true)) {
        $origin = '';
    }
    /**
     * Change the allowed HTTP origin result.
     *
     * @since 3.4.0
     *
     * @param string $origin     Origin URL if allowed, empty string if not.
     * @param string $origin_arg Original origin string passed into is_allowed_http_origin function.
     */
    return apply_filters('allowed_http_origin', $origin, $origin_arg);
}

WordPress Version: 5.5

/**
 * Determines if the HTTP origin is an authorized one.
 *
 * @since 3.4.0
 *
 * @param null|string $origin Origin URL. If not provided, the value of get_http_origin() is used.
 * @return string Origin URL if allowed, empty string if not.
 */
function is_allowed_http_origin($origin = null)
{
    $origin_arg = $origin;
    if (null === $origin) {
        $origin = get_http_origin();
    }
    if ($origin && !in_array($origin, get_allowed_http_origins(), true)) {
        $origin = '';
    }
    /**
     * Change the allowed HTTP origin result.
     *
     * @since 3.4.0
     *
     * @param string $origin     Origin URL if allowed, empty string if not.
     * @param string $origin_arg Original origin string passed into is_allowed_http_origin function.
     */
    return apply_filters('allowed_http_origin', $origin, $origin_arg);
}

WordPress Version: 4.5

/**
 * Determines if the HTTP origin is an authorized one.
 *
 * @since 3.4.0
 *
 * @param null|string $origin Origin URL. If not provided, the value of get_http_origin() is used.
 * @return string Origin URL if allowed, empty string if not.
 */
function is_allowed_http_origin($origin = null)
{
    $origin_arg = $origin;
    if (null === $origin) {
        $origin = get_http_origin();
    }
    if ($origin && !in_array($origin, get_allowed_http_origins())) {
        $origin = '';
    }
    /**
     * Change the allowed HTTP origin result.
     *
     * @since 3.4.0
     *
     * @param string $origin     Origin URL if allowed, empty string if not.
     * @param string $origin_arg Original origin string passed into is_allowed_http_origin function.
     */
    return apply_filters('allowed_http_origin', $origin, $origin_arg);
}

WordPress Version: 4.3

/**
 * Determines if the HTTP origin is an authorized one.
 *
 * @since 3.4.0
 *
 * @param null|string $origin Origin URL. If not provided, the value of get_http_origin() is used.
 * @return string True if the origin is allowed. False otherwise.
 */
function is_allowed_http_origin($origin = null)
{
    $origin_arg = $origin;
    if (null === $origin) {
        $origin = get_http_origin();
    }
    if ($origin && !in_array($origin, get_allowed_http_origins())) {
        $origin = '';
    }
    /**
     * Change the allowed HTTP origin result.
     *
     * @since 3.4.0
     *
     * @param string $origin     Result of check for allowed origin.
     * @param string $origin_arg Original origin string passed into is_allowed_http_origin function.
     */
    return apply_filters('allowed_http_origin', $origin, $origin_arg);
}

WordPress Version: 4.1

/**
 * Determines if the HTTP origin is an authorized one.
 *
 * @since 3.4.0
 *
 * @param null|string $origin Origin URL. If not provided, the value of get_http_origin() is used.
 * @return bool|null True if the origin is allowed. False otherwise.
 */
function is_allowed_http_origin($origin = null)
{
    $origin_arg = $origin;
    if (null === $origin) {
        $origin = get_http_origin();
    }
    if ($origin && !in_array($origin, get_allowed_http_origins())) {
        $origin = '';
    }
    /**
     * Change the allowed HTTP origin result.
     *
     * @since 3.4.0
     *
     * @param string $origin Result of check for allowed origin.
     * @param string $origin_arg original origin string passed into is_allowed_http_origin function.
     */
    return apply_filters('allowed_http_origin', $origin, $origin_arg);
}

WordPress Version: 3.7

/**
 * Determines if the HTTP origin is an authorized one.
 *
 * @since 3.4.0
 *
 * @param string Origin URL. If not provided, the value of get_http_origin() is used.
 * @return bool True if the origin is allowed. False otherwise.
 */
function is_allowed_http_origin($origin = null)
{
    $origin_arg = $origin;
    if (null === $origin) {
        $origin = get_http_origin();
    }
    if ($origin && !in_array($origin, get_allowed_http_origins())) {
        $origin = '';
    }
    /**
     * Change the allowed HTTP origin result.
     *
     * @since 3.4.0
     *
     * @param string $origin Result of check for allowed origin.
     * @param string $origin_arg original origin string passed into is_allowed_http_origin function.
     */
    return apply_filters('allowed_http_origin', $origin, $origin_arg);
}