[wp-trac] [WordPress Trac] #38531: Support for arrays in schema validation and sanitization
WordPress Trac
noreply at wordpress.org
Wed Nov 9 02:30:08 UTC 2016
#38531: Support for arrays in schema validation and sanitization
-------------------------+--------------------------
Reporter: joehoyle | Owner: rachelbaker
Type: enhancement | Status: assigned
Priority: normal | Milestone: 4.7
Component: REST API | Version:
Severity: normal | Resolution:
Keywords: 2nd-opinion | Focuses:
-------------------------+--------------------------
Comment (by rmccue):
Replying to [comment:7 joehoyle]:
> This means that we are "passing thru by default" which I think is a bad
idea for a sanitizing function. IMO if the items is not present we should
return an empty, and maybe fire a `doing_it_wrong`. With this, it would be
easy (and some places in the rest api already do this) to specify `type`
=> `array`, and therefor get no sanitization.
Per [http://json-schema.org/latest/json-schema-
validation.html#rfc.section.5.9 the JSON Schema spec]:
> Successful validation of an array instance with regards to
[`additionalItems` and `items`] is determined as follows:
>
> * if "items" is not present, or its value is an object, validation of
the instance always succeeds, regardless of the value of
"additionalItems";
> * [...]
> * if the value of "additionalItems" is boolean value false and the value
of "items" is an array, the instance is valid if its size is less than, or
equal to, the size of "items".
>
> If either keyword is absent, it may be considered present with an empty
schema.
Hence, I believe the default behaviour here is correct. It would only fail
if `items` was present, an array, and also `additionalItems` was set to
false.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/38531#comment:19>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list