The is_allowed_http_origin() WordPress PHP function determines if the HTTP origin is an authorized one.
Usage
$is_allowed = is_allowed_http_origin($origin);
Parameters
$originstring|null (Optional) – Origin URL. If not provided, the value ofget_http_origin()is used. Default: null.
More information
See WordPress Developer Resources: is_allowed_http_origin()
Examples
Check if the current HTTP origin is allowed
Determine if the current HTTP origin is allowed using the is_allowed_http_origin() function.
$is_allowed = is_allowed_http_origin();
if ($is_allowed) {
echo "Origin is allowed.";
} else {
echo "Origin is not allowed.";
}
Check if a specific origin is allowed
Determine if a specific HTTP origin is allowed using the is_allowed_http_origin() function with a custom origin.
$origin = 'https://www.example.com';
$is_allowed = is_allowed_http_origin($origin);
if ($is_allowed) {
echo "Origin '{$origin}' is allowed.";
} else {
echo "Origin '{$origin}' is not allowed.";
}
Add an allowed origin
Add an allowed origin using the allowed_http_origins filter.
function my_allowed_origins($origins) {
$origins[] = 'https://www.example2.com';
return $origins;
}
add_filter('allowed_http_origins', 'my_allowed_origins');
Remove an allowed origin
Remove an allowed origin using the allowed_http_origins filter.
function my_remove_allowed_origin($origins) {
$index = array_search('https://www.example2.com', $origins);
if (false !== $index) {
unset($origins[$index]);
}
return $origins;
}
add_filter('allowed_http_origins', 'my_remove_allowed_origin');
Check and display allowed origins
Check and display all allowed HTTP origins.
$allowed_origins = apply_filters('allowed_http_origins', array());
foreach ($allowed_origins as $origin) {
echo "Allowed origin: {$origin}<br>";
}