WordPress Disable REST API Header Links
WordPress 4.4 adds all sorts of new REST API functionality. Which is great if your site is using it. But if not, then you may want to remove all of the extra baggage that WordPress now adds to every page load. This tutorial explains how to disable it.
Note: before implementing any of these techniques, make sure that your site does not need any of the REST API stuff in WP 4.4. and beyond. That is, only disable if you know what you are doing ;)
Why?
Why would someone want to do this? Because not everyone uses or wants the WP REST API, so the link headers and related markup are not always necessary. For example, none of my sites use any of the REST API stuff. I like to keep things lightweight, fast, and relevant. One way to do this is to disable unnecessary code.
But hey, to each their own. If you want/use the REST API, then by all means knock yourself out and don’t disable it. Keep rockin’ bros.
Overview
This article explains how to disable three bits of code that WordPress now adds to front-end pages:
- REST API link tag
- oEmbed Discovery Links
- REST API link in HTTP headers
Honestly I’m not sure if the oEmbed links are considered a part of the REST API, but they look similar, appear in the same location, and were introduced at the same time as the other REST stuff, so I’m gonna include it here.
So now let’s look at each of these three items and see how to disable them.
Disable REST API link tag
WordPress 4.4 adds the following link tag to all front-end pages:
<link rel='https://api.w.org/' href='http://example.com/path/?rest_route=/' />
This markup can be disabled by adding the following line to functions.php:
remove_action('wp_head', 'rest_output_link_wp_head', 10);
Disable oEmbed Discovery Links
WordPress 4.4 adds the following oEmbed discovery links to all single-view pages:
<link rel="alternate" type="application/json+oembed" href="http://example.com/path/?rest_route=%2Foembed%2F1.0%2Fembed&url=http%3A%2F%2Fexample.com%2Fpath%2F%3Fp%3D1" />
<link rel="alternate" type="text/xml+oembed" href="http://example.com/path/?rest_route=%2Foembed%2F1.0%2Fembed&url=http%3A%2F%2Fexample.com%2Fpath%2F%3Fp%3D1&format=xml" />
This markup can be disabled by adding the following line to functions.php:
remove_action('wp_head', 'wp_oembed_add_discovery_links', 10);
Disable REST API link in HTTP headers
WordPress 4.4 adds the following link header to all page requests:
Link: <http://example.com/path/wp-json/>; rel="https://api.w.org/"
This header can be disabled by adding the following line to functions.php
:
remove_action('template_redirect', 'rest_output_link_header', 11, 0);
All Together
Putting these three techniques together, we get the following chunk of code:
// Disable REST API link tag
remove_action('wp_head', 'rest_output_link_wp_head', 10);
// Disable oEmbed Discovery Links
remove_action('wp_head', 'wp_oembed_add_discovery_links', 10);
// Disable REST API link in HTTP headers
remove_action('template_redirect', 'rest_output_link_header', 11, 0);
You can add that magic slab via theme template or custom plugin and call it good.
Of course, there is like a 100% chance that WordPress will change how these REST API functions operate, so most likely these techniques will need updating at some point in the future.
Ahhh, the joys of “progress”.