[wp-trac] [WordPress Trac] #43177: REST API allows empty comments containing only whitespace
WordPress Trac
noreply at wordpress.org
Tue Jan 30 17:16:30 UTC 2018
#43177: REST API allows empty comments containing only whitespace
--------------------------+------------------------------
Reporter: jaswrks | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: REST API | Version: trunk
Severity: normal | Resolution:
Keywords: | Focuses: rest-api
--------------------------+------------------------------
Comment (by jaswrks):
Thanks for the reconnaissance with respect to
`wp_handle_comment_submission()` and the AJAX handler. I noticed this also
and considered not opening this ticket when I reviewed tickets from the
past that mentioned this.
However, I respectfully disagree that it should be possible to submit a
whitespace-only comment via the REST API. The code, as it exists now,
intends to prevent an empty comment from being submitted. The problem, as
I see it, is not a matter of whether this should be allowed or not,
because it's already the case that an empty comment should not be allowed.
The problem is that the existing code fails to do this.
For example, I can submit a string that contains nothing but whitespace,
and it accepts this, and then returns an object in the response with the
content having been trimmed. So in fact it is an empty comment. The
existing code just needs to trim before accepting the submission that
really is just an empty string in the eyes of other core code.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/43177#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list