[wp-trac] [WordPress Trac] #60599: REST API: rest_filter_response_fields fails with a PHP fatal when a custom API endpoint returns a scalar value.
WordPress Trac
noreply at wordpress.org
Thu Feb 22 09:45:54 UTC 2024
#60599: REST API: rest_filter_response_fields fails with a PHP fatal when a custom
API endpoint returns a scalar value.
--------------------------+-----------------------------
Reporter: xknown | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: REST API | Version:
Severity: normal | Keywords:
Focuses: |
--------------------------+-----------------------------
The code in `rest_filter_response_fields` seems to only work with arrays.
Thus if a given API endpoint returns a scalar value, then querying this
endpoint by adding the `_fields` GET parameter will throw a PHP fatal in
PHP >= 8.x.
Steps to reproduce it:
Add the following dummy plugin and enable it to a test WP
{{{
alex at wayra time % cat time.php
<?php
/**
* Plugin Name: Datetime
*/
function my_awesome_func() {
return date( 'c' );
}
add_action( 'rest_api_init', function () {
register_rest_route( 'myplugin/v1', '/datetime', array(
'methods' => 'GET',
'callback' => 'my_awesome_func',
) );
} );
{
"plugins": [
"."
]
}
alex at wayra time % cat .wp-env.json
{
"plugins": [
"."
]
}
alex at wayra time % wp-env start
WordPress development site started at http://localhost:8888/
WordPress test site started at http://localhost:8889/
MySQL is listening on port 32768
MySQL for automated testing is listening on port 32769
✔ Done! (in 77s 181ms)
alex at wayra time % curl
'http://localhost:8888/?rest_route=/myplugin/v1/datetime'
"2024-02-22T09:38:36+00:00"%
alex at wayra time % curl
'http://localhost:8888/?rest_route=/myplugin/v1/datetime&_fields=foo'
Fatal error: Uncaught TypeError: array_intersect_key(): Argument #1
($array) must be of type array, string given in /var/www/html/wp-includes
/rest-api.php:869
Stack trace:
#0 /var/www/html/wp-includes/rest-api.php(869):
array_intersect_key('2024-02-22T09:3...', Array)
#1 /var/www/html/wp-includes/rest-api.php(928):
_rest_array_intersect_key_recursive('2024-02-22T09:3...', Array)
#2 /var/www/html/wp-includes/class-wp-hook.php(324):
rest_filter_response_fields(Object(WP_REST_Response),
Object(WP_REST_Server), Object(WP_REST_Request))
#3 /var/www/html/wp-includes/plugin.php(205):
WP_Hook->apply_filters(Object(WP_REST_Response), Array)
#4 /var/www/html/wp-includes/rest-api/class-wp-rest-server.php(454):
apply_filters('rest_post_dispa...', Object(WP_REST_Response),
Object(WP_REST_Server), Object(WP_REST_Request))
#5 /var/www/html/wp-includes/rest-api.php(424):
WP_REST_Server->serve_request('/myplugin/v1/da...')
#6 /var/www/html/wp-includes/class-wp-hook.php(324):
rest_api_loaded(Object(WP))
#7 /var/www/html/wp-includes/class-wp-hook.php(348):
WP_Hook->apply_filters('', Array)
#8 /var/www/html/wp-includes/plugin.php(565): WP_Hook->do_action(Array)
#9 /var/www/html/wp-includes/class-wp.php(418):
do_action_ref_array('parse_request', Array)
#10 /var/www/html/wp-includes/class-wp.php(813): WP->parse_request('')
#11 /var/www/html/wp-includes/functions.php(1336): WP->main('')
#12 /var/www/html/wp-blog-header.php(16): wp()
#13 /var/www/html/index.php(17): require('/var/www/html/w...')
#14 {main}
thrown in /var/www/html/wp-includes/rest-api.php on line 869
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/60599>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list