wp-content/plugins/kadence-blocks/includes/resources/Optimizer/Request/Request_Anonymizer.php

<?php declare( strict_types=1 );

namespace KadenceWP\KadenceBlocks\Optimizer\Request;

use KadenceWP\KadenceBlocks\Optimizer\Nonce\Nonce;
use KadenceWP\KadenceBlocks\StellarWP\SuperGlobals\SuperGlobals as SG;

/**
 * Handles the anonymization of authenticated requests for performance optimization.
 *
 * This class detects optimizer requests using a nonce-based query parameter and
 * forces them to run as anonymous (logged-out) requests. This ensures that
 * performance testing through iframes captures the public-facing version of
 * pages without any user-specific customizations or cached content.
 */
final class Request_Anonymizer {

	private Nonce $nonce;

	public function __construct( Nonce $nonce ) {
		$this->nonce = $nonce;
	}

	/**
	 * Detect if this is an optimizer request, and log the user out for that request so
	 * we're loading the public version of the URL through the iframe.
	 *
	 * @filter plugins_loaded
	 *
	 * @return void
	 */
	public function force_anonymous_request(): void {
		$nonce = SG::get_get_var( Request::QUERY_TOKEN );

		if ( ! $nonce ) {
			return;
		}

		// If using a browser that supports IFrame credentialless, they will be logged out already.
		if ( ! is_user_logged_in() ) {
			return;
		}

		if ( ! $this->nonce->verify( $nonce ) ) {
			wp_die( 'Invalid optimizer nonce.', 403 );
		}

		// Override the current user for the remainder of this request.
		wp_set_current_user( 0 );
	}
}
feat: initial ACRIB WordPress deployment - WordPress 6.9.4 (es_ES) with Kadence theme - Homepage: Hero, La Asociación, Pilares, Beneficios, Eventos, Miembros, Hazte Miembro, Contacto - Brand identity: #13294b navy, #a12932 burgundy, #c69c48 gold - Fonts: Raleway (headings) + Source Sans 3 (body) + Lato (UI) - Plugins: Kadence Blocks, Polylang, Contact Form 7 - Custom CSS with full brand styling and responsive layout - HTTPS enforced via wp-config.php proxy detection 2026-05-19 19:25:59 +02:00			`<?php declare( strict_types=1 );`

			`namespace KadenceWP\KadenceBlocks\Optimizer\Request;`

			`use KadenceWP\KadenceBlocks\Optimizer\Nonce\Nonce;`
			`use KadenceWP\KadenceBlocks\StellarWP\SuperGlobals\SuperGlobals as SG;`

			`/**`
			`* Handles the anonymization of authenticated requests for performance optimization.`
			`*`
			`* This class detects optimizer requests using a nonce-based query parameter and`
			`* forces them to run as anonymous (logged-out) requests. This ensures that`
			`* performance testing through iframes captures the public-facing version of`
			`* pages without any user-specific customizations or cached content.`
			`*/`
			`final class Request_Anonymizer {`

			`private Nonce $nonce;`

			`public function __construct( Nonce $nonce ) {`
			`$this->nonce = $nonce;`
			`}`

			`/**`
			`* Detect if this is an optimizer request, and log the user out for that request so`
			`* we're loading the public version of the URL through the iframe.`
			`*`
			`* @filter plugins_loaded`
			`*`
			`* @return void`
			`*/`
			`public function force_anonymous_request(): void {`
			`$nonce = SG::get_get_var( Request::QUERY_TOKEN );`

			`if ( ! $nonce ) {`
			`return;`
			`}`

			`// If using a browser that supports IFrame credentialless, they will be logged out already.`
			`if ( ! is_user_logged_in() ) {`
			`return;`
			`}`

			`if ( ! $this->nonce->verify( $nonce ) ) {`
			`wp_die( 'Invalid optimizer nonce.', 403 );`
			`}`

			`// Override the current user for the remainder of this request.`
			`wp_set_current_user( 0 );`
			`}`
			`}`