Defining the Setting's allowed entries

With the Schema Settings module, you can retrieve the settings from the site (stored in table wp_options), by querying field option:

{
  option(name: "home")
}

For security reasons, which options can be queried must be explicitly configured.

By default, only the following options can be queried:

  • "home"
  • "blogname"
  • "blogdescription"

Configuring the allowed options

In the "Schema Settings" tab from the Settings, we must configure the list of options that can be queried via option.

Each entry can either be:

  • A regex (regular expression), if it's surrounded by /, or
  • The full option name, otherwise

For instance, both entries siteurl and /site.*/ match option name "siteurl".

Defining the entries for the Settings
Defining the entries for the Settings

There are 2 behaviors, "Allow access" and "Deny access":

πŸ‘‰πŸ½ Allow access: only the configured entries can be accessed, and no other can
πŸ‘‰πŸ½ Deny access: the configured entries cannot be accessed, all other entries can

Defining the access behavior
Defining the access behavior