[wp-trac] [WordPress Trac] #38420: API Post status parameter does not accept multiple values
WordPress Trac
noreply at wordpress.org
Fri Oct 21 07:25:59 UTC 2016
#38420: API Post status parameter does not accept multiple values
--------------------------+------------------------------
Reporter: kadamwhite | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: REST API | Version: trunk
Severity: normal | Resolution:
Keywords: | Focuses:
--------------------------+------------------------------
Comment (by websupporter):
[https://core.trac.wordpress.org/attachment/ticket/38420/38420.3.diff
38420.3.diff] extends the patch for validation.
In order to follow @joehoyle suggestion, I did also update the ''class-wp-
rest-server.php'' to whitelist `items`. I am not quite sure, which toughts
are involved in the whitelisting. I was rather strict and did only
whiteliste `[items][type]` and `[items][enum]`.
{{{#!php
<?php
...
array(
'type' => 'array',
'items' => array(
'enum' => array( 'publish', .... ),
'type' => 'string',
)
)
...
}}}
The `validate_user_can_query_private_statuses()` is extended like in
https://github.com/danielbachhuber/wordpress-develop/pull/4 (`return
rest_validate_request_arg( $value, $request, $param );`)
I added the `type` because I was not quite sure, if there could be a list
of integer enums. Right now, we do not have this, but can enums by
definition contain numbers? In this case, we could run into a problem like
the `rest_is_boolean()` problem, so I wanted to restrict the current
array-enum-handling only to strings.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/38420#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list