From bd0a38d439fd92540a4ab89af78c23acd727e5a1 Mon Sep 17 00:00:00 2001
From: Rachel Baker
Date: Tue, 27 Dec 2016 17:49:36 +0000
Subject: [PATCH] REST API: Allow schema sanitization_callback to be set to null to bypass fallback sanitization functions.
The logic in WP_REST_Request->sanitize_params() added in [39091] did not account for `null` or `false` being the sanitization_callback preventing overriding `rest_parse_request_arg()`. This fixes that oversight, allowing the built in sanitization function to be bypassed. See #38593. Merges [39563] to the 4.7 branch. Props kkoppenhaver, rachelbaker, jnylen0. Fixes #39042.
Built from https://develop.svn.wordpress.org/branches/4.7@39642
git-svn-id: http://core.svn.wordpress.org/branches/4.7@39582 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-includes/rest-api/class-wp-rest-request.php | 18 +++++++++++-------
 wp-includes/version.php | 2 +-
 2 files changed, 12 insertions(+), 8 deletions(-)
diff --git a/wp-includes/rest-api/class-wp-rest-request.php b/wp-includes/rest-api/class-wp-rest-request.php
index 898f8658ed..4dd0dc2090 100644
--- a/wp-includes/rest-api/class-wp-rest-request.php
+++ b/wp-includes/rest-api/class-wp-rest-request.php
@@ -823,17 +823,21 @@ class WP_REST_Request implements ArrayAccess {
 continue;
 }
 foreach ( $this->params[ $type ] as $key => $value ) {
- // if no sanitize_callback was specified, default to rest_parse_request_arg
- // if a type was specified in the args.
- if ( ! isset( $attributes['args'][ $key ]['sanitize_callback'] ) && ! empty( $attributes['args'][ $key ]['type'] ) ) {
- $attributes['args'][ $key ]['sanitize_callback'] = 'rest_parse_request_arg';
+ if ( ! isset( $attributes['args'][ $key ] ) ) {
+ continue;
 }
- // Check if this param has a sanitize_callback added.
- if ( ! isset( $attributes['args'][ $key ] ) || empty( $attributes['args'][ $key ]['sanitize_callback'] ) ) {
+ $param_args = $attributes['args'][ $key ];
+
+ // If the arg has a type but no sanitize_callback attribute, default to rest_parse_request_arg.
+ if ( ! array_key_exists( 'sanitize_callback', $param_args ) && ! empty( $param_args['type'] ) ) {
+ $param_args['sanitize_callback'] = 'rest_parse_request_arg';
+ }
+ // If there's still no sanitize_callback, nothing to do here.
+ if ( empty( $param_args['sanitize_callback'] ) ) {
 continue;
 }
- $sanitized_value = call_user_func( $attributes['args'][ $key ]['sanitize_callback'], $value, $this, $key );
+ $sanitized_value = call_user_func( $param_args['sanitize_callback'], $value, $this, $key );
 if ( is_wp_error( $sanitized_value ) ) {
 $invalid_params[ $key ] = $sanitized_value->get_error_message();
diff --git a/wp-includes/version.php b/wp-includes/version.php
index 82572103ae..04e28fc32e 100644
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@@ -4,7 +4,7 @@
 *
 * @global string $wp_version
 */
-$wp_version = '4.7.1-alpha-39641';
+$wp_version = '4.7.1-alpha-39642';
 /**
 * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
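Review bot: The new `if ( empty( $param_args['sanitize_callback'] ) ) { continue; }` guard is the line that lets an explicit `null`/`false` skip `rest_parse_request_arg()`, and with it the type-based coercion the `type` attribute would otherwise apply, so the raw request value reaches the endpoint callback unchanged; the comment above it should state that consequence instead of "nothing to do here", e.g. `// A sanitize_callback explicitly set to null/false opts out of rest_parse_request_arg(): the raw value is passed through and the endpoint is responsible for validating it.` Because the check is `empty()`, any other falsy value (such as `''` or `0`) is also treated as an opt-out rather than a misconfiguration, which is worth saying in the same comment. A non-callable `sanitize_callback` (a mistyped function name, for instance) still reaches `call_user_func()` with no `is_callable()` check in front of it, so depending on PHP version the route either fatals or, presumably, ends up with the callback's null return in place of the parameter; a guard such as `if ( ! is_callable( $param_args['sanitize_callback'] ) ) { $invalid_params[ $key ] = 'Invalid sanitize_callback.'; continue; }` would make that a reported error instead. sanitize_params() begins and ends outside this hunk, so how `$invalid_params` is ultimately returned is not visible here.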