[wp-trac] [WordPress Trac] #38531: Support for arrays in schema validation and sanitization
WordPress Trac
noreply at wordpress.org
Wed Nov 9 19:14:32 UTC 2016
#38531: Support for arrays in schema validation and sanitization
-------------------------+-----------------------
Reporter: joehoyle | Owner: joehoyle
Type: enhancement | Status: assigned
Priority: normal | Milestone: 4.7
Component: REST API | Version:
Severity: normal | Resolution:
Keywords: 2nd-opinion | Focuses:
-------------------------+-----------------------
Comment (by joehoyle):
Added a patch to address the following:
- `rest_validate_value_from_schema` should fail if passed assoc. arrays,
as this means it was an object in JSON.
- `rest_sanitize_value_from_schema` will now convert arrays to numeric
arrays, to not allow unwanted data to slip in via the keys.
- `rest_sanitize_value_from_schema` will now cast data to `string` for
`type => string`.
- Meta fields are now properly excluded if they are not registered with a
valid type.
- Meta fields' type is now a fall back to the registered meta
`show_in_rest`'s type. Seems this was an oversight.
- Updated tests for meta to include the `type` in registration.
- Schemas with unknown types will pass through
`rest_validate_value_from_schema` and `rest_sanitize_value_from_schema`
unchanged. As this is a developer decision, we ideally want to support
using different types, whereby developers implement their own sanitization
for those. Because we use `rest_parse_request_arg` in the case of _any_
type being supplied, I think this makes the most sense.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/38531#comment:22>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list