WordPress-C
/
WordPress
mirror of https://github.com/WordPress/WordPress.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

REST API: Sanitize arrays being sent as CSVs. 

In #38586 the ability to parse arrays as csv was introduced, however it didn't add any support for validating csv arrays. This adds such sanitization, and also a good amount of unit tests for all sanitization baed off schema.

See #38586.

Built from https://develop.svn.wordpress.org/trunk@39061


git-svn-id: http://core.svn.wordpress.org/trunk@39003 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Joe Hoyle 2016-10-31 17:08:31 +00:00
parent 1c45ae618c
commit 6ee8f33660
2 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
wp-includes/rest-api.php
View File

@ -1097,6 +1097,9 @@ function rest_sanitize_value_from_schema( $value, $args ) {
if ( empty( $args['items'] ) ) { if ( empty( $args['items'] ) ) {
return (array) $value; return (array) $value;
} }
if ( ! is_array( $value ) ) {
$value = preg_split( '/[\s,]+/', $value );
}
foreach ( $value as $index => $v ) { foreach ( $value as $index => $v ) {
$value[ $index ] = rest_sanitize_value_from_schema( $v, $args['items'] ); $value[ $index ] = rest_sanitize_value_from_schema( $v, $args['items'] );
} }

2
wp-includes/version.php
View File

@ -4,7 +4,7 @@
* *
* @global string $wp_version * @global string $wp_version
*/ */
$wp_version = '4.7-beta1-39060'; $wp_version = '4.7-beta1-39061';
/** /**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema. * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.