[wp-trac] [WordPress Trac] #61837: REST API: Uncaught TypeError when post password is provided as integer
WordPress Trac
noreply at wordpress.org
Tue Sep 17 18:06:41 UTC 2024
#61837: REST API: Uncaught TypeError when post password is provided as integer
--------------------------+------------------------------
Reporter: mlf20 | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: REST API | Version: 6.2.2
Severity: normal | Resolution:
Keywords: has-patch | Focuses: rest-api
--------------------------+------------------------------
Comment (by kadamwhite):
OK this one's cool. :D The current patch is not ideal, because we DO
validate that value against the schema already, and return an error. But
then we call the permission_callback within `rest_send_allow_header`, and
since the password is in the unexpected type, things blow up ''while
trying to send'' the error response back to the client.
We're specifically running into a situation where we expect to be checking
the `password` query parameter used for GET access, when we're actually
processing a POST that updates the password property of a post.
cc @TimothyBlynJacobs -- I'd like to add a basic type coercion within the
permission callback to fix the immediate issue, but it might be worth
looking at whether the `rest_send_allow_header` method is doing too much.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/61837#comment:5>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list