WordPress at a glance
filter is not described

rest_allowed_cors_headers filter-hook . WP 5.5.0

Filters the list of request headers that are allowed for CORS requests.

The allowed headers are passed to the browser to specify which headers can be passed to the REST API. By default, we allow the Content-* headers needed to upload files to the media endpoints. As well as the Authorization and Nonce headers for allowing authentication.


add_filter( 'rest_allowed_cors_headers', 'filter_function_name_4127' );
function filter_function_name_4127( $allow_headers ){
	// filter...

	return $allow_headers;
The list of headers to allow.


Since 5.5.0 Introduced.

Where the hook is called

wp-includes/rest-api/class-wp-rest-server.php 343
$allow_headers = apply_filters( 'rest_allowed_cors_headers', $allow_headers );

Where in WP core the hook is used WordPress

Usage not found.