admin-ajax.php 400 bad request - whats wrong with my code?

I'm getting a 400 bad request from admin-ajax.php warnings from pagespeed insights tell me it's an issue.

Can you see any obvious issues in the code in our admin-ajax.php file?

?php
/**
 * WordPress Ajax Process Execution
 *
 * @package WordPress
 * @subpackage Administration
 *
 * @link https://codex.wordpress.org/AJAX_in_Plugins
 */

/**
 * Executing Ajax process.
 *
 * @since 2.1.0
 */
define( 'DOING_AJAX', true );
if ( ! defined( 'WP_ADMIN' ) ) {
    define( 'WP_ADMIN', true );
}

/** Load WordPress Bootstrap */
require_once( dirname( dirname( __FILE__ ) ) . '/wp-load.php' );

/** Allow for cross-domain requests (from the front end). */
send_origin_headers();

// Require an action parameter
if ( empty( $_REQUEST['action'] ) )
    wp_die( '0', 400 );

/** Load WordPress Administration APIs */
require_once( ABSPATH . 'wp-admin/includes/admin.php' );

/** Load Ajax Handlers for WordPress Core */
require_once( ABSPATH . 'wp-admin/includes/ajax-actions.php' );

@header( 'Content-Type: text/html; charset=' . get_option( 'blog_charset' ) );
@header( 'X-Robots-Tag: noindex' );

send_nosniff_header();
nocache_headers();

/** This action is documented in wp-admin/admin.php */
do_action( 'admin_init' );

$core_actions_get = array(
    'fetch-list', 'ajax-tag-search', 'wp-compression-test', 'imgedit-preview', 'oembed-cache',
    'autocomplete-user', 'dashboard-widgets', 'logged-in',
);

$core_actions_post = array(
    'oembed-cache', 'image-editor', 'delete-comment', 'delete-tag', 'delete-link',
    'delete-meta', 'delete-post', 'trash-post', 'untrash-post', 'delete-page', 'dim-comment',
    'add-link-category', 'add-tag', 'get-tagcloud', 'get-comments', 'replyto-comment',
    'edit-comment', 'add-menu-item', 'add-meta', 'add-user', 'closed-postboxes',
    'hidden-columns', 'update-welcome-panel', 'menu-get-metabox', 'wp-link-ajax',
    'menu-locations-save', 'menu-quick-search', 'meta-box-order', 'get-permalink',
    'sample-permalink', 'inline-save', 'inline-save-tax', 'find_posts', 'widgets-order',
    'save-widget', 'delete-inactive-widgets', 'set-post-thumbnail', 'date_format', 'time_format',
    'wp-remove-post-lock', 'dismiss-wp-pointer', 'upload-attachment', 'get-attachment',
    'query-attachments', 'save-attachment', 'save-attachment-compat', 'send-link-to-editor',
    'send-attachment-to-editor', 'save-attachment-order', 'heartbeat', 'get-revision-diffs',
    'save-user-color-scheme', 'update-widget', 'query-themes', 'parse-embed', 'set-attachment-thumbnail',
    'parse-media-shortcode', 'destroy-sessions', 'install-plugin', 'update-plugin', 'crop-image',
    'generate-password', 'save-wporg-username', 'delete-plugin', 'search-plugins',
    'search-install-plugins', 'activate-plugin', 'update-theme', 'delete-theme', 'install-theme',
    'get-post-thumbnail-html', 'get-community-events', 'edit-theme-plugin-file',
    'wp-privacy-export-personal-data',
    'wp-privacy-erase-personal-data',
);

// Deprecated
$core_actions_post_deprecated = array( 'wp-fullscreen-save-post', 'press-this-save-post', 'press-this-add-category' );
$core_actions_post = array_merge( $core_actions_post, $core_actions_post_deprecated );

// Register core Ajax calls.
if ( ! empty( $_GET['action'] )  in_array( $_GET['action'], $core_actions_get ) )
    add_action( 'wp_ajax_' . $_GET['action'], 'wp_ajax_' . str_replace( '-', '_', $_GET['action'] ), 1 );

if ( ! empty( $_POST['action'] )  in_array( $_POST['action'], $core_actions_post ) )
    add_action( 'wp_ajax_' . $_POST['action'], 'wp_ajax_' . str_replace( '-', '_', $_POST['action'] ), 1 );

add_action( 'wp_ajax_nopriv_heartbeat', 'wp_ajax_nopriv_heartbeat', 1 );

if ( is_user_logged_in() ) {
    // If no action is registered, return a Bad Request response.
    if ( ! has_action( 'wp_ajax_' . $_REQUEST['action'] ) ) {
        wp_die( '0', 400 );
    }

    /**
     * Fires authenticated Ajax actions for logged-in users.
     *
     * The dynamic portion of the hook name, `$_REQUEST['action']`,
     * refers to the name of the Ajax action callback being fired.
     *
     * @since 2.1.0
     */
    do_action( 'wp_ajax_' . $_REQUEST['action'] );
} else {
    // If no action is registered, return a Bad Request response.
    if ( ! has_action( 'wp_ajax_nopriv_' . $_REQUEST['action'] ) ) {
        wp_die( '0', 400 );
    }

    /**
     * Fires non-authenticated Ajax actions for logged-out users.
     *
     * The dynamic portion of the hook name, `$_REQUEST['action']`,
     * refers to the name of the Ajax action callback being fired.
     *
     * @since 2.8.0
     */
    do_action( 'wp_ajax_nopriv_' . $_REQUEST['action'] );
}
// Default status
wp_die( '0' );

By clicking inspect element, then refreshing with the network tab open, then clicking initiator i can see a red x next to the code which seems to be causing the problem. What is the issue with that ?

Code here:

;!function() {
var t, e, n, o = 0, u = function(t, e) {
    return "function" != typeof t || t.replaced ? t : (e.replaced = !0,
    e)
};
if ("undefined" != typeof CustomEvent  "function" == typeof window.dispatchEvent) {
    var r = function(t) {
        try {
            if ("object" == typeof t  (t = JSON.stringify(t)),
            "string" == typeof t)
                return window.dispatchEvent(new CustomEvent("lprequeststart",{
                    detail: {
                        data: t,
                        requestID: ++o
                    }
                })),
                o
        } catch (t) {}
    }
      , s = function(t) {
        try {
            window.dispatchEvent(new CustomEvent("lprequestend",{
                detail: t
            }))
        } catch (t) {}
    };
    "undefined" != typeof XMLHttpRequest  XMLHttpRequest.prototype  XMLHttpRequest.prototype.send  (XMLHttpRequest.prototype.send = u(XMLHttpRequest.prototype.send, (n = XMLHttpRequest.prototype.send,
    function(t) {
        var e = this
          , o = r(t);
        return o  e.addEventListener("loadend", function() {
            s({
                requestID: o,
                statusCode: e.status
            })
        }),
        n.apply(e, arguments) **THIS IS WHERE THE RED X SUGGESTS AN ISSUE**
    }
    ))),
    "function" == typeof fetch  (fetch = u(fetch, (e = fetch,
    function(t, n) {
        var o = r(n)
          , u = e.apply(this, arguments);
        if (o) {
            var c = function(t) {
                s({
                    requestID: o,
                    statusCode: t  t.status
                })
            };
            u.then(c).catch(c)
        }
        return u
    }
    )));
    var c = function(t) {
        return u(t, function() {
            try {
                this.dispatchEvent(new CustomEvent("lpsubmit"))
            } catch (t) {}
            return t.apply(this, arguments)
        })
    }
      , i = function() {
        if (document  document.forms  document.forms.length  0)
            for (var t = 0; t  document.forms.length; ++t)
                document.forms[t].submit = c(document.forms[t].submit)
    };
    document  "interactive" === document.readyState || "complete" === document.readyState ? i() : window.addEventListener("DOMContentLoaded", i, !0),
    Document.prototype.createElement = u(Document.prototype.createElement, (t = Document.prototype.createElement,
    function() {
        var e = t.apply(this, arguments);
        return e  "FORM" === e.nodeName  e.submit  (e.submit = c(e.submit)),
        e
    }
    ))
}

}

Topic code php Wordpress javascript

Category Web

1
answered at

Using chrome dev tools i found the file which was creating the http request.

This file was theme.min.js, i looked at the file & could see "porto_refresh_cart_fragments" though the file was minified so I didn't know what to remove.

After using a website to unminify the file it was clearer what i needed to remove so i stripped the code from the file because we don't have a cart on the website so it's obsolete.

The http request for admin-ajax.php from porto_refresh_cart_fragment is now fixed. I just thought i'd put this information here for future reference in case anyone else get the same issue, though this only worked because we didn't have a cart, it may help someone.

About

Geeks Mental is a community that publishes articles and tutorials about Web, Android, Data Science, new techniques and Linux security.