graphql_cookie_auth_require_nonce
apply_filters( 'graphql_cookie_auth_require_nonce', true, null );
Filter whether to require a nonce for cookie-based authentication. By default, WPGraphQL requires a nonce (X-WP-Nonce header or _wpnonce parameter) for cookie-authenticated requests to prevent CSRF attacks.
- Type: filter
- Group: Authentication and Authorization
- Since: 2.5.4
- Source File:
plugins/wp-graphql/src/Router.php
Parameters
$require_nonce(bool): Whether to require a nonce for cookie auth. Default true.$request(null): The Request instance (null in Router context).
Source
apply_filters( 'graphql_cookie_auth_require_nonce', true, null );
Related
Router::validate_http_request_authentication()inplugins/wp-graphql/src/Router.php:739