[wp-trac] [WordPress Trac] #38583: Support for objects in schema validation and sanitization
WordPress Trac
noreply at wordpress.org
Mon Oct 23 18:44:52 UTC 2017
#38583: Support for objects in schema validation and sanitization
----------------------------------------+-----------------------
Reporter: rachelbaker | Owner: rmccue
Type: enhancement | Status: reopened
Priority: high | Milestone: 4.9
Component: REST API | Version: 4.7
Severity: major | Resolution:
Keywords: has-unit-tests needs-patch | Focuses:
----------------------------------------+-----------------------
Comment (by mnelson4):
> Ok so I think we are on the same page in terms of what the options are.
Cool!
> The typical case for the REST API sanization right now is: is it's
something not understood, pass it through, else sanitize it
This is probably a good pragmatic approach: I think it will preserve
backward compatibility nicely (I doubt anyone declared a schema for an
object with no properties and literally expected only an empty object to
be valid), and when we do declare properties of an object, we're
defaulting to a whitelisting approach.
I think, in the future, there will still be room for accepting
`additionalProperties` too, it's just that it's default value is
conditional: it's `true` unless `properties` is set, in which case it's
`false`. That's a bit tricky, but if we document it I think that will be
fine.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/38583#comment:37>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list