[wp-trac] [WordPress Trac] #38984: REST API: Fix incorrect calls to `rest_sanitize_value_from_schema`

WordPress Trac noreply at wordpress.org
Tue Nov 29 20:29:45 UTC 2016


#38984: REST API: Fix incorrect calls to `rest_sanitize_value_from_schema`
--------------------------+-----------------------
 Reporter:  jnylen0       |      Owner:
     Type:  defect (bug)  |     Status:  new
 Priority:  normal        |  Milestone:  4.7
Component:  REST API      |    Version:  trunk
 Severity:  normal        |   Keywords:  has-patch
  Focuses:                |
--------------------------+-----------------------
 Two instances in `WP_REST_Users_Controller` where we are passing
 `$request` instead of `$args`.  This allows some minor weirdness:

 `POST /wp/v2/users?username=abcd&password=efgh&type=array`

 A user will be created with the username and password set to `Array`
 because `$request['array']` is interpreted as a type argument.

 One more incorrect call in `rest_sanitize_request_arg` where we are
 calling the function with a nonexistent third argument.

--
Ticket URL: <https://core.trac.wordpress.org/ticket/38984>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list