[wp-trac] [WordPress Trac] #54740: REST API: oneOf validation behaves unexpectedly with strings/arrays
WordPress Trac
noreply at wordpress.org
Wed Jan 5 17:53:52 UTC 2022
#54740: REST API: oneOf validation behaves unexpectedly with strings/arrays
--------------------------+------------------------------
Reporter: ryelle | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: REST API | Version: 5.6
Severity: normal | Resolution:
Keywords: | Focuses:
--------------------------+------------------------------
Comment (by TimothyBlynJacobs):
Yeah, so essentially the issue is that the WordPress JSON Schema validator
supports loose typing because we accept data that isn't originally JSON
like form-encoded data or URL based. One of the more extreme examples is
that we allow a string value when a property expects an array.
So a schema like the one provided where you specify a `oneOf` of an array
or array of strings is something you'd never do as a REST API validation
schema, because it is the default behavior.
Of course, this causes problems if you are using another validator that is
more strict, you need to allow for a bare string value.
I think it could be possible for the schema validation to be updated such
that `rest_find_one_matching_schema` would understand if a value was
validated successfully without any type coercion, but that may be pretty
challenging to implement as the type coercion is fairly fundamental to our
schema validator.
For now, instead of using `oneOf` you should be able do something like
this.
{{{
{
"type": [
"array",
"string"
],
"items": {
"type": "string"
}
}
}}}
The `type` keyword can be a list of types, and the `items` keyword will
only apply if it is validating an `array`. The `oneOf` keyword allows for
more complex validation, but in general, if something can be expressed
with a list of types, that would be preferred.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/54740#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list