Sergey Biryukov
9cb0a09d1f
REST API: Merge two similar permission error strings.
...
Props ramiy.
Fixes #38857 .
Built from https://develop.svn.wordpress.org/trunk@39304
git-svn-id: http://core.svn.wordpress.org/trunk@39244 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-18 23:53:30 +00:00
Rachel Baker
0fdb955ce8
REST API: On Comment create, limit the ability to set the `author_ip` value directly.
...
Users without the moderate_comments capability can no longer set the `author_ip` property directly, and instead receive a `WP_Error` if they attempt to do so. Otherwise, the `author_ip property` is populated from `$_SERVER['REMOTE_ADDR']` if present and a valid IP value. Finally, fallback to 127.0.0.1 as a last resort.
Props dd32, rachelbaker, joehoyle.
Fixes #38819 .
Built from https://develop.svn.wordpress.org/trunk@39302
git-svn-id: http://core.svn.wordpress.org/trunk@39242 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-18 21:13:32 +00:00
Joe Hoyle
0c14c16ced
REST API: Clarify parameters when used in error strings.
...
Properties of objects should not be translated, and therefore are pulled out of the translation strings.
Props ocean90, ramiy, danielbachhuber.
Fixes #38822 .
Built from https://develop.svn.wordpress.org/trunk@39298
git-svn-id: http://core.svn.wordpress.org/trunk@39238 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-18 20:20:32 +00:00
Joe Hoyle
a38b863ae4
REST API: Change “ipv4” types to “ip” to support ipv6.
...
Stop presuming IP address are IPv4, instead make the type “ip” to be agnostic of IP version. This fixes requests with ipv6 addresses for comments in core.
Props dd32, schlessera, danielbachhuber.
Fixes #38818 .
Built from https://develop.svn.wordpress.org/trunk@39296
git-svn-id: http://core.svn.wordpress.org/trunk@39236 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-18 19:33:31 +00:00
Joe Hoyle
81c5b03029
REST API: Check read permissions on posts when viewing comments.
...
With a few tests for getting / creating comments to reflect core behaviour.
Props timmyc.
Built from https://develop.svn.wordpress.org/trunk@39295
git-svn-id: http://core.svn.wordpress.org/trunk@39235 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-18 19:07:30 +00:00
Rachel Baker
3f6131c2e6
REST API: Remove the `karma` property and query parameter from the Comments endpoints.
...
WordPress has not used the `karma` property internally for the past 8 years. There is no need to expose it in the REST API endpoints. Sites that use `karma` can include it using the `register_rest_field()` function.
Props dd32, danielbachhuber.
Fixes #38821 .
Built from https://develop.svn.wordpress.org/trunk@39292
git-svn-id: http://core.svn.wordpress.org/trunk@39232 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-18 18:53:29 +00:00
Rachel Baker
191e085fa3
REST API: On comment create, return an error if the `type` property is set to anything other than `comment`.
...
Of the default comment_types, only comments are expected to be created via the REST API endpoint. Comments do not have registered types the way that Posts do, so we do not have a method to accurately check permissions for arbitrary comment types.
Props dd32, boonebgorges, rachelbaker.
Fixes #38820 .
Built from https://develop.svn.wordpress.org/trunk@39290
git-svn-id: http://core.svn.wordpress.org/trunk@39230 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-18 18:37:30 +00:00
Rachel Baker
ccb4c7c8b9
REST API: Allow `parent` property to be explicitly set to `0` when creating or updating a Post.
...
Props lucasstark, danielbachhuber.
Fixes #38852 .
Built from https://develop.svn.wordpress.org/trunk@39289
git-svn-id: http://core.svn.wordpress.org/trunk@39229 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-18 18:12:31 +00:00
Rachel Baker
735fa34d42
REST API: On comment create, return an error if the `post` parameter does not relate to a valid WP_Post object.
...
Return a `WP_Error` object for attempts to create a comment without an empty or invalid `post` ID.
Props dd32, jnylen0, rachelbaker.
Fixes #38816 .
Built from https://develop.svn.wordpress.org/trunk@39288
git-svn-id: http://core.svn.wordpress.org/trunk@39228 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-18 16:56:30 +00:00
Rachel Baker
10bddfac39
REST API: On comment create, fallback to the `user_agent` header value.
...
If a user-agent is not explicitly provided in the `author_user_agent` parameter, fallback to the `user_agent` value in the request header.
Props dd32, jnylen0, rachelbaker.
Fixes #38817 .
Built from https://develop.svn.wordpress.org/trunk@39287
git-svn-id: http://core.svn.wordpress.org/trunk@39227 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-18 16:22:33 +00:00
Sergey Biryukov
acc30b09d7
Text Changes: Merge some duplicate strings with the same meaning in error messages, adjust some other strings for consistency and accuracy.
...
Props ramiy, SergeyBiryukov.
Fixes #38808 .
Built from https://develop.svn.wordpress.org/trunk@39278
git-svn-id: http://core.svn.wordpress.org/trunk@39218 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-17 15:53:33 +00:00
Sergey Biryukov
b92266a72b
REST API: After [39252] and [39264], uppercase some more 'ID' references in translatable strings.
...
See #38791 .
Built from https://develop.svn.wordpress.org/trunk@39266
git-svn-id: http://core.svn.wordpress.org/trunk@39206 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-16 13:28:37 +00:00
Sergey Biryukov
ce74afdae2
REST API: Uppercase 'ID' in endpoint descriptions and error messages for consistency with other strings.
...
See #38791 .
Built from https://develop.svn.wordpress.org/trunk@39264
git-svn-id: http://core.svn.wordpress.org/trunk@39204 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-16 12:18:33 +00:00
Sergey Biryukov
74c9f82ef2
REST API: Unify some more permission error messages.
...
Props ramiy.
Fixes #38803 .
Built from https://develop.svn.wordpress.org/trunk@39259
git-svn-id: http://core.svn.wordpress.org/trunk@39199 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-15 23:36:31 +00:00
Sergey Biryukov
07cf16f7ba
REST API: Unify permission error messages.
...
Props ramiy.
Fixes #38803 .
Built from https://develop.svn.wordpress.org/trunk@39257
git-svn-id: http://core.svn.wordpress.org/trunk@39197 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-15 22:23:30 +00:00
Sergey Biryukov
9c2ea0b8c7
REST API: Remove two duplicate strings, use the ones we already have.
...
See #38791 .
Built from https://develop.svn.wordpress.org/trunk@39252
git-svn-id: http://core.svn.wordpress.org/trunk@39192 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-15 20:40:29 +00:00
Sergey Biryukov
cc14606094
REST API: Unify permission error messages.
...
Props ramiy.
See #38791 , #34521 .
Built from https://develop.svn.wordpress.org/trunk@39251
git-svn-id: http://core.svn.wordpress.org/trunk@39191 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-15 20:37:32 +00:00
Joe Hoyle
d049f72459
REST API: Clean up argument and property types.
...
There's a couple of places where we were missing type notes for arguments, which mainly affects documentation.
Props jnylen0.
Fixes #38792 .
Built from https://develop.svn.wordpress.org/trunk@39250
git-svn-id: http://core.svn.wordpress.org/trunk@39190 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-15 18:16:30 +00:00
Sergey Biryukov
65fb74561b
REST API: After [39238] and [39239], move the remaining translator comments to preceding line.
...
See #38791 .
Built from https://develop.svn.wordpress.org/trunk@39245
git-svn-id: http://core.svn.wordpress.org/trunk@39185 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-15 13:07:33 +00:00
Ryan McCue
0f5a44e093
REST API: Move translator comments to preceding line.
...
Inline translator comments break POT file generation.
Props dd32.
See #38791 .
Built from https://develop.svn.wordpress.org/trunk@39239
git-svn-id: http://core.svn.wordpress.org/trunk@39179 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-15 05:39:32 +00:00
Ryan McCue
705f17cea2
REST API: Add translator comments to text with placeholders.
...
Props dimadin.
Fixes #38791 .
Built from https://develop.svn.wordpress.org/trunk@39238
git-svn-id: http://core.svn.wordpress.org/trunk@39178 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-15 04:28:31 +00:00
Joe Hoyle
a4fa8c528f
REST API: Make all collection params filterable.
...
For developers wanting to add their own registered collection parameters, they can now use the `rest_$type_collection_params` filter. This brings consistency with the already existing `rest_$post_type_collection_params`.
Fixes #38710 .
Props jnylen0.
Built from https://develop.svn.wordpress.org/trunk@39223
git-svn-id: http://core.svn.wordpress.org/trunk@39163 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-14 16:42:31 +00:00
Joe Hoyle
5c90d9ed8e
REST API: Validate and Sanitize registered meta based off the schema.
...
With the addition of Array support in our schema validation functions, it's now possible to use these in the meta validation and sanitization steps. Also, this increases the test coverage of using registered via meta the API significantly.
Fixes #38531 .
Props rachelbaker, tharsheblows.
Built from https://develop.svn.wordpress.org/trunk@39222
git-svn-id: http://core.svn.wordpress.org/trunk@39162 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-14 16:36:33 +00:00
Ryan McCue
65664731e9
REST API: Improve validation for usernames and passwords.
...
Also improves the slashing of user data in the REST API to avoid data loss.
Props jnylen0.
Fixes #38739 .
Built from https://develop.svn.wordpress.org/trunk@39219
git-svn-id: http://core.svn.wordpress.org/trunk@39159 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-14 07:13:31 +00:00
Joe Hoyle
f325af9caa
REST API: Allow updating a comment without the content present.
...
For all resources in the REST API, sending partial updates is supported. This fixes needing to _always_ specify comment content.
Props jnylen.
Fixes #38720 .
Built from https://develop.svn.wordpress.org/trunk@39196
git-svn-id: http://core.svn.wordpress.org/trunk@39136 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-10 03:35:30 +00:00
Joe Hoyle
3138878aa5
REST API: Use wp_slash rather than addslashes.
...
See #38726 .
Props dd32.
Built from https://develop.svn.wordpress.org/trunk@39192
git-svn-id: http://core.svn.wordpress.org/trunk@39132 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-10 02:39:30 +00:00
Joe Hoyle
67da42825e
REST API: Add `rest_base` to response objects of `wp/v2/taxonomies` and `wp/v2/types`
...
Though we have the `_links.collection` available, having this value can be useful to know post type / taxonomy urls if you need to build them another way.
Props youknowriad, jnylen0.
Fixes #38607 .
Built from https://develop.svn.wordpress.org/trunk@39191
git-svn-id: http://core.svn.wordpress.org/trunk@39131 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-10 02:21:30 +00:00
Joe Hoyle
e66d2478ee
REST API: `unfiltered_html` and slashing: terms.
...
Follow-up to #38609 and #38704 ; handle slashes correctly for taxonomy terms.
Props westonruter, jnylen0.
Fixes #38726 , see #38609 .
Built from https://develop.svn.wordpress.org/trunk@39190
git-svn-id: http://core.svn.wordpress.org/trunk@39130 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-10 02:10:30 +00:00
Ryan McCue
a2bbbddb9e
REST API: Include template in all post type schemas.
...
[38951] added templates to all post types, but didn't add them to the schema.
Props swissspidy.
Fixes #38698 .
Built from https://develop.svn.wordpress.org/trunk@39182
git-svn-id: http://core.svn.wordpress.org/trunk@39122 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-09 07:12:32 +00:00
Ryan McCue
3a449ea543
Roles/Capabilities: Add meta-caps for comment, term, and user meta.
...
Additionally, use these meta-caps in the REST API endpoints.
Previously, register_meta()'s auth_callback had no effect for non-post meta. This introduces `{add,edit,delete}_{comment,term,user}_meta` meta-caps to match the existing post meta capabilities. These are currently only used in the REST API.
Props tharsheblows, boonebgorges.
Fixes #38303 , fixes #38412 .
Built from https://develop.svn.wordpress.org/trunk@39179
git-svn-id: http://core.svn.wordpress.org/trunk@39119 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-09 03:42:30 +00:00
Ryan McCue
4060c68f85
REST API: Fire correct hooks when creating users on multiste.
...
`add_user_to_blog()` is now called, ensuring the correct hooks are called, along with setting the primary blog and clearing relevant caches.
Props jeremyfelt.
Fixes #38526 .
Built from https://develop.svn.wordpress.org/trunk@39177
git-svn-id: http://core.svn.wordpress.org/trunk@39117 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-09 01:35:30 +00:00
Pascal Birchler
548ac82b06
I18N: Add ability to change user's locale back to site's locale.
...
Previously there was no way to remove the user locale setting again, even though that might be desirable.
This adds a new 'Site Default' option to the user-specific language setting by introducing a new `show_site_locale_default` argument to `wp_dropdown_languages()`.
Props ocean90.
See #29783 .
Fixes #38632 .
Built from https://develop.svn.wordpress.org/trunk@39169
git-svn-id: http://core.svn.wordpress.org/trunk@39109 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-08 23:01:31 +00:00
Joe Hoyle
c15065dddf
REST API: Remove get_allowed_query_vars() now `filter` is gone.
...
Now all public query vars are not supoprted via `?filter` in the REST API, we can remove the get_allowed_query_vars() method and filter. To provide developers with a good altnerative to `filter`, the `"rest_{$this->post_type}_collection_params"` filter has been added.
Props rmccue, rachelbacker, danielbachhuber.
Fixes #38629 .
Built from https://develop.svn.wordpress.org/trunk@39162
git-svn-id: http://core.svn.wordpress.org/trunk@39102 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-08 14:08:32 +00:00
Joe Hoyle
8de95582e2
REST API: Remove rest_get_post filter and `get_post` abstraction.
...
This filter was originally introduced in https://github.com/WP-API/WP-API/pull/2535 to support Customizer Changesets (née Transactions). This is a super broad filter and doesn't really fit with the design of the API, nor is it (arguably) the right level to do this.
Props rmccue.
Fixes #38701 .
Built from https://develop.svn.wordpress.org/trunk@39161
git-svn-id: http://core.svn.wordpress.org/trunk@39101 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-08 13:09:33 +00:00
Ryan McCue
caabc52753
REST API: Respect unfiltered_html for HTML comment fields.
...
Same as [39155], but for comments, natch.
Props jnylen0.
Fixes #38704 , see #38609 .
Built from https://develop.svn.wordpress.org/trunk@39157
git-svn-id: http://core.svn.wordpress.org/trunk@39097 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-08 06:36:31 +00:00
Ryan McCue
f1975b18ea
REST API: Respect unfiltered_html for HTML post fields.
...
This necessitates a change to our slashing code as well. Ah slashing, the cause of, and solution to, all of life's problems.
Props jnylen0.
Fixes #38609 .
Built from https://develop.svn.wordpress.org/trunk@39155
git-svn-id: http://core.svn.wordpress.org/trunk@39095 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-08 05:55:32 +00:00
Ryan McCue
8760c9a91d
REST API: Change attachment caption & description to objects.
...
Just like excerpt and content for regular posts, these have transformations applied that can make the content significantly different from the raw value.
Props jnylen0.
Fixes #38679 .
Built from https://develop.svn.wordpress.org/trunk@39154
git-svn-id: http://core.svn.wordpress.org/trunk@39094 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-08 04:29:32 +00:00
Rachel Baker
5564716a07
REST API: Modify the structure of our DELETE responses to be more explicit.
...
Add the `deleted` property to the root of the Response object to communicate if the delete action was successful. Move the state of the resource prior to the delete request under a new `previous` property. As a result DELETE responses are now structured like so:
`{ deleted: true, previous: { ... } }`
Also includes helpful information to DELETE requests for resources that are not trashable.
Props timmydcrawford, rmccue, jnylen0.
Fixes #38494 .
Built from https://develop.svn.wordpress.org/trunk@39126
git-svn-id: http://core.svn.wordpress.org/trunk@39066 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-04 17:11:29 +00:00
Ryan McCue
721cf281a3
REST API: Only provide JSON error code on PHP 5.3+.
...
json_last_error() was only added to PHP 5.3.0, so we can't provide the information for older versions.
See #38547 .
Built from https://develop.svn.wordpress.org/trunk@39111
git-svn-id: http://core.svn.wordpress.org/trunk@39053 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-03 04:57:30 +00:00
Joe Hoyle
6b08485cfa
REST API: Return error when JSON decoding fails.
...
If you send a request to the REST API with invalid JSON in body than it will now return a error. This assists developers if they accidentally send invalid JSON and wonder why their data appears to be ignored.
Props rmccue.
Fixes #38547 .
Built from https://develop.svn.wordpress.org/trunk@39109
git-svn-id: http://core.svn.wordpress.org/trunk@39051 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-03 04:05:36 +00:00
Rachel Baker
8c9f4f812a
REST API: Return a `WP_Error` when a user does not have permission to create or update a post with the provided terms.
...
Add the 'assign_term' check for post create and update.
Props boonebgorges, johnbillion.
Fixes #38505 .
Built from https://develop.svn.wordpress.org/trunk@39108
git-svn-id: http://core.svn.wordpress.org/trunk@39050 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-03 03:16:30 +00:00
Joe Hoyle
d544c6ddd0
REST API: Switch to stable version of JSON Schema.
...
Props danielbachhuber.
Fixes #38635 .
Built from https://develop.svn.wordpress.org/trunk@39106
git-svn-id: http://core.svn.wordpress.org/trunk@39048 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-03 02:22:29 +00:00
Rachel Baker
dcb12c35cf
REST API: Clean-up our validation callbacks and add missing array `items` properties in our endpoint schemas.
...
Props joehoyle, jnylen0.
Fixes #38617 .
Built from https://develop.svn.wordpress.org/trunk@39105
git-svn-id: http://core.svn.wordpress.org/trunk@39047 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-03 02:18:29 +00:00
Joe Hoyle
901c4ed17a
REST API: Support querying for multiple post statuses.
...
Multiple post statuses can be specified by the usual CSV or array-propper format.
Props jnylen0, kadamwhite, websupporter.
Fixes #38420 .
Built from https://develop.svn.wordpress.org/trunk@39104
git-svn-id: http://core.svn.wordpress.org/trunk@39046 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-03 01:46:29 +00:00
Rachel Baker
676ae9fc2b
REST API: Use the `items` attribute for the taxonomies `types` schema property for proper sanitization/validation.
...
Props danielbachhuber, joehoyle.
Fixes #38631 .
Built from https://develop.svn.wordpress.org/trunk@39103
git-svn-id: http://core.svn.wordpress.org/trunk@39045 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-03 01:26:28 +00:00
Rachel Baker
94ab2f9b16
REST API: Return an error when the length of a comment field is too long.
...
Introduces `wp_check_comment_data_max_lengths()` which allows both the REST API comments endpoints and `wp_handle_comment_submission()` to check the length of the comment content, author name, author url, and author email fields against their respective database columns.
Props rachelbaker, mangeshp, salcode, pento.
Fixes #38477 .
Built from https://develop.svn.wordpress.org/trunk@39101
git-svn-id: http://core.svn.wordpress.org/trunk@39043 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-03 01:12:31 +00:00
Joe Hoyle
5666292dda
REST API: Include `taxonomies` as an attribute of post types.
...
Add the taxonomies for a post type to the `/wp/v2/types` endpoint, so clients know which taxonomies are available for which post types.
Props danielbachhuber.
Fixes #38438 , #38631 .
Built from https://develop.svn.wordpress.org/trunk@39097
git-svn-id: http://core.svn.wordpress.org/trunk@39039 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-02 21:51:30 +00:00
Joe Hoyle
37858faf96
REST API: Add en_US to the locales enum.
...
Props ocean90.
Fixes #38528 .
Built from https://develop.svn.wordpress.org/trunk@39096
git-svn-id: http://core.svn.wordpress.org/trunk@39038 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-02 21:21:32 +00:00
Ryan McCue
34cf5d8934
REST API: Allow querying for multiple `slug` values.
...
Props jnylen0, rachelbaker.
Fixes #38579 .
Built from https://develop.svn.wordpress.org/trunk@39093
git-svn-id: http://core.svn.wordpress.org/trunk@39035 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-02 07:14:29 +00:00
Ryan McCue
624def0ec3
REST API: Add update and delete endpoints to /users/me
...
Now that /users/me is a standalone resource, it should have all the standard endpoints for a resource.
Props pento.
Fixes #38521 (hopefully).
Built from https://develop.svn.wordpress.org/trunk@39092
git-svn-id: http://core.svn.wordpress.org/trunk@39034 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-02 06:53:32 +00:00
Ryan McCue
3fef086ede
REST API: Set default sanitize callback if type is set.
...
Props joehoyle, ChopinBach, jnylen0.
Fixes #38593 .
Built from https://develop.svn.wordpress.org/trunk@39091
git-svn-id: http://core.svn.wordpress.org/trunk@39033 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-02 06:28:29 +00:00
Ryan McCue
862724274e
REST API: Add locale to user resource.
...
Props ocean90, joehoyle.
Fixes #38528 .
Built from https://develop.svn.wordpress.org/trunk@39090
git-svn-id: http://core.svn.wordpress.org/trunk@39032 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-02 06:24:29 +00:00
Ryan McCue
a911bf7e2c
REST API: Avoid default sanitization for polymorphic params.
...
Some parameters (`title`, `content`, etc) are objects in the output, but allow objects or strings to be sent in updates for a more ergonomic interface. This is pretty weird behaviour, so the default sanitisation doesn't handle this. We instead handle this ourselves in the preparation.
Props joehoyle, rachelbaker.
Fixes #38529 .
Built from https://develop.svn.wordpress.org/trunk@39089
git-svn-id: http://core.svn.wordpress.org/trunk@39031 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-02 06:02:29 +00:00
Ryan McCue
d7bdd72510
REST API: Change method of merging parameters.
...
`array_merge()` incorrectly reindexes numeric parameters, causing things like `{"123": true}` to be "dropped".
Props sswells, joehoyle.
Fixes #38306 .
Built from https://develop.svn.wordpress.org/trunk@39087
git-svn-id: http://core.svn.wordpress.org/trunk@39029 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-02 05:53:31 +00:00
Ryan McCue
ba039f7546
REST API: Remove the Location redirect for the /users/me endpoint.
...
This is a re-commit of [38980], which was reverted in [38990].
Props youknowriad, jnylen0, pento.
Fixes #38521 .
Built from https://develop.svn.wordpress.org/trunk@39085
git-svn-id: http://core.svn.wordpress.org/trunk@39027 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-02 03:44:30 +00:00
Ryan McCue
08ea66490b
REST API: Only expose formats supported by the current theme.
...
While it's valid to save any format to the database, and WordPress is totally fine with that, we should only include the formats specified by the theme in the schema.
Props danielbachhuber.
Fixes #38610 .
Built from https://develop.svn.wordpress.org/trunk@39084
git-svn-id: http://core.svn.wordpress.org/trunk@39026 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-02 03:37:32 +00:00
Joe Hoyle
f1591eccca
REST API: Add support for "integer" type for meta and options
...
Previously Settings only supported "number" which meant it was possible to push floats to things like posts_per_page. This means now developers can also specify `type => ineger` in meta nad settings resgration.
Props flixos90.
Fixes #38393 .
Built from https://develop.svn.wordpress.org/trunk@39058
git-svn-id: http://core.svn.wordpress.org/trunk@39000 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 16:07:31 +00:00
Gary Pendergast
03e34ab461
REST API: Allow a CSV list of user roles to be passed to `/users`.
...
After [39048], this changes explicitly parses the list of user roles as slugs, and adds tests.
Props jnylen0.
Fixes #38557 .
Built from https://develop.svn.wordpress.org/trunk@39056
git-svn-id: http://core.svn.wordpress.org/trunk@38998 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 11:11:29 +00:00
Gary Pendergast
9862543913
REST API: Allow a CSV list of term IDs to be passed to `/posts`.
...
[39048] added CSV support to array types, this change explicitly parses term lists as IDs, and adds tests.
Props timmydcrawford, pento.
Fixes #38553 .
Built from https://develop.svn.wordpress.org/trunk@39055
git-svn-id: http://core.svn.wordpress.org/trunk@38997 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 11:06:31 +00:00
Drew Jaynes
5f4497f0af
Docs: Fix multiple trivial typos throughout a variety of core files.
...
Props ottok.
Fixes #38489 .
Built from https://develop.svn.wordpress.org/trunk@39051
git-svn-id: http://core.svn.wordpress.org/trunk@38993 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 06:28:32 +00:00
Drew Jaynes
9635867540
Docs: The `query_vars` filter used in the REST posts controller should be notated as a duplicate rather than a new hook.
...
See #38398 .
Built from https://develop.svn.wordpress.org/trunk@39049
git-svn-id: http://core.svn.wordpress.org/trunk@38991 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 05:50:29 +00:00
Ryan McCue
4dab905dba
REST API: Support password on non-post post types.
...
The password field was incorrectly only added to "post" post types, but is supported for all post types in the Dashboard UI.
Props jnylen0.
Fixes #38582 .
Built from https://develop.svn.wordpress.org/trunk@39047
git-svn-id: http://core.svn.wordpress.org/trunk@38989 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 03:53:32 +00:00
Gary Pendergast
6c1e98d1fb
REST API: Add support for arrays in schema validation and sanitization.
...
By allowing more fine-grained validation and sanitisation of endpoint args, we can ensure the correct data is being passed to endpoints.
This can easily be extended to support new data types, such as CSV fields or objects.
Props joehoyle, rachelbaker, pento.
Fixes #38531 .
Built from https://develop.svn.wordpress.org/trunk@39046
git-svn-id: http://core.svn.wordpress.org/trunk@38988 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 01:48:41 +00:00
Gary Pendergast
dbc4b87b7f
REST API: Allow Content-Type on CORS requests.
...
This allows `POST` requests with a wider variety of `Content-Type' headers - `Content-Type: application/json`, for example.
Props jnylen0.
Fixes #37994 .
Built from https://develop.svn.wordpress.org/trunk@39044
git-svn-id: http://core.svn.wordpress.org/trunk@38986 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 00:34:33 +00:00
Drew Jaynes
993b3a5c6e
Docs: Add much more complete and syntactically correct documentation throughout the `WP_REST_Users_Controller` class.
...
Props Soean, mrahmadawais, flixos90.
See #38398 .
Built from https://develop.svn.wordpress.org/trunk@39036
git-svn-id: http://core.svn.wordpress.org/trunk@38978 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 18:52:30 +00:00
Drew Jaynes
b8f14e00ef
Docs: Add much more complete and syntactically correct documentation throughout the `WP_REST_User_Meta_Fields` class.
...
Props Soean, mrahmadawais, flixos90.
See #38398 .
Built from https://develop.svn.wordpress.org/trunk@39034
git-svn-id: http://core.svn.wordpress.org/trunk@38976 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 18:28:30 +00:00
Drew Jaynes
90c17ccbf1
Docs: Add much more complete and syntactically correct documentation throughout the `WP_REST_Terms_Controller` class.
...
Props Soean, mrahmadawais, flixos90.
See #38398 .
Built from https://develop.svn.wordpress.org/trunk@39033
git-svn-id: http://core.svn.wordpress.org/trunk@38975 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 18:21:30 +00:00
Drew Jaynes
b71e62b9eb
Docs: Add much more complete and syntactically correct documentation throughout the `WP_REST_Term_Meta_Fields` class.
...
Props Soean, mrahmadawais, flixos90.
See #38398 .
Built from https://develop.svn.wordpress.org/trunk@39032
git-svn-id: http://core.svn.wordpress.org/trunk@38974 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 18:09:32 +00:00
Drew Jaynes
7d7d0c8599
Docs: Add much more complete and syntactically correct documentation throughout the `WP_REST_Taxonomies_Controller` class.
...
Props Soean, mrahmadawais, flixos90.
See #38398 .
Built from https://develop.svn.wordpress.org/trunk@39031
git-svn-id: http://core.svn.wordpress.org/trunk@38973 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 18:07:33 +00:00
Drew Jaynes
5dfa0c4cee
Docs: Add much more complete and syntactically correct documentation throughout the `WP_REST_Settings_Controller` class.
...
Props Soean, mrahmadawais, flixos90.
See #38398 .
Built from https://develop.svn.wordpress.org/trunk@39030
git-svn-id: http://core.svn.wordpress.org/trunk@38972 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 18:01:30 +00:00
Drew Jaynes
2452f69485
REST: Fix some errant `else if` conditions and add a few missing periods on inline comments.
...
Props mrahmadawais.
See #38398 .
Built from https://develop.svn.wordpress.org/trunk@39029
git-svn-id: http://core.svn.wordpress.org/trunk@38971 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 17:54:30 +00:00
Drew Jaynes
596ee8bc9d
Docs: Add much more complete and syntactically correct documentation throughout the `WP_REST_Revisions_Controller` class.
...
Props Soean, mrahmadawais, flixos90.
See #38398 .
Built from https://develop.svn.wordpress.org/trunk@39028
git-svn-id: http://core.svn.wordpress.org/trunk@38970 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 17:50:29 +00:00
Drew Jaynes
1ef0a5514e
REST: Fix a yoda condition in `WP_REST_Request::get_parameter_order()` and add a missing period for an inline comment in `WP_REST_Request::from_url().
...
Props mrahmadawais.
See #38398 .
Built from https://develop.svn.wordpress.org/trunk@39027
git-svn-id: http://core.svn.wordpress.org/trunk@38969 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 17:42:45 +00:00
Drew Jaynes
e84b257852
Docs: Add much more complete and syntactically correct documentation throughout the `WP_REST_Posts_Controller` class.
...
Props Soean, mrahmadawais, flixos90, DrewAPicture.
See #38398 .
Built from https://develop.svn.wordpress.org/trunk@39026
git-svn-id: http://core.svn.wordpress.org/trunk@38968 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 17:37:35 +00:00
Drew Jaynes
7d488bd2b1
Docs: Add much more complete and syntactically correct documentation throughout the `WP_REST_Post_Types_Controller` class.
...
Props Soean, mrahmadawais, flixos90.
See #38398 .
Built from https://develop.svn.wordpress.org/trunk@39025
git-svn-id: http://core.svn.wordpress.org/trunk@38967 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 16:51:30 +00:00
Drew Jaynes
04f0340a96
Docs: Add much more complete and syntactically correct documentation throughout the `WP_REST_Post_Statuses_Controller` class.
...
Props Soean, mrahmadawais, flixos90.
See #38398 .
Built from https://develop.svn.wordpress.org/trunk@39024
git-svn-id: http://core.svn.wordpress.org/trunk@38966 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 16:44:38 +00:00
Drew Jaynes
c4df9d63ba
Docs: Add much more complete and syntactically correct documentation throughout the `WP_REST_Post_Meta_Fields` class.
...
Props Soean, mrahmadawais, flixos90.
See #38398 .
Built from https://develop.svn.wordpress.org/trunk@39023
git-svn-id: http://core.svn.wordpress.org/trunk@38965 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 16:36:32 +00:00
Drew Jaynes
9ce98d98ac
Docs: Add much more complete and syntactically correct documentation throughout the `WP_REST_Meta_Fields` class.
...
Props Soean, mrahmadawais, flixos90.
See #38398 .
Built from https://develop.svn.wordpress.org/trunk@39022
git-svn-id: http://core.svn.wordpress.org/trunk@38964 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 16:33:30 +00:00
Drew Jaynes
718f9fe868
Docs: Add much more complete and syntactically correct documentation throughout the `WP_REST_Controller` class.
...
Props Soean, mrahmadawais, flixos90.
See #38398 .
Built from https://develop.svn.wordpress.org/trunk@39021
git-svn-id: http://core.svn.wordpress.org/trunk@38963 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 16:20:29 +00:00
Drew Jaynes
e2e47a192d
Docs: Add much more complete and syntactically correct documentation throughout the `WP_REST_Comments_Controller` class.
...
Props Soean, mrahmadawais, flixos90.
See #38398 .
Built from https://develop.svn.wordpress.org/trunk@39015
git-svn-id: http://core.svn.wordpress.org/trunk@38957 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 06:55:30 +00:00
Drew Jaynes
7d25657c01
Docs: Add much more complete and syntactically correct documentation throughout the `WP_REST_Comment_Meta_Fields` class.
...
Props Soean, mrahmadawais, flixos90.
See #38398 .
Built from https://develop.svn.wordpress.org/trunk@39014
git-svn-id: http://core.svn.wordpress.org/trunk@38956 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 06:34:31 +00:00
Drew Jaynes
08b0407367
Docs: Add much more complete and syntactically correct documentation throughout the `WP_REST_Attachments_Controller` class.
...
Props Soean, mrahmadawais, flixos90.
See #38398 .
Built from https://develop.svn.wordpress.org/trunk@39011
git-svn-id: http://core.svn.wordpress.org/trunk@38953 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 05:40:37 +00:00
Gary Pendergast
60eb1ddc5c
REST API: Revert [38980].
...
`/users/me` still needs attention, but this change wasn't quite ready.
See #38521 .
Built from https://develop.svn.wordpress.org/trunk@38990
git-svn-id: http://core.svn.wordpress.org/trunk@38933 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-28 02:07:35 +00:00
Rachel Baker
4a37a04d0f
REST API: Return `WP_Error` when a client is attempting to update an option with a non-scalar value to `null`.
...
A `null` value is returned in the response for any option that has a non-scalar value.
To protect clients from accidentally including the `null` values from a response object in a request, we do not allow options with non-scalar values to be updated to `null`. Without this added protection a client could mistakenly delete all options that have non-scalar values from the database.
Props joehoyle, rachelbaker.
Fixes #38527 .
Built from https://develop.svn.wordpress.org/trunk@38982
git-svn-id: http://core.svn.wordpress.org/trunk@38925 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-27 16:08:45 +00:00
Rachel Baker
d42acc530c
REST API: Remove the Location header redirect for the /users/me endpoint.
...
Props youknowriad jnylen0.
Fixes #38521 .
Built from https://develop.svn.wordpress.org/trunk@38980
git-svn-id: http://core.svn.wordpress.org/trunk@38923 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-27 14:37:36 +00:00
Boone Gorges
493f76a3d2
REST API: Use `wp_get_object_terms()` when fetching terms for a post object.
...
The WP-API plugin originally used a custom method for fetching object
terms in a way that supported the object cache and also accepted all
parameters for `get_terms()`. In [38667], the internals of
`wp_get_object_terms()` were modified to use `WP_Term_Query`, thus
delivering in a native fashion the features that the API had
previously achieved bespokely.
Fixes #38504 .
Built from https://develop.svn.wordpress.org/trunk@38974
git-svn-id: http://core.svn.wordpress.org/trunk@38917 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-27 01:42:32 +00:00
Rachel Baker
d359ffc270
REST API: Remove experimental `filter` wrapper parameter from the Posts Controller class.
...
Hiding WP_Query params under the filter key (instead of allowing them to be top-level params) was one of our biggest complaints from users of v1 of our REST API. This walks back the re-introduction of the `filter` param during Beta 15, which introduced an "inconsistent mess" and "exposing WP_Query through filter has and will continue to be difficult to support." See https://github.com/WP-API/WP-API/issues/2799 .
Props websupporter, rachelbaker.
Fixes #38378 .
Built from https://develop.svn.wordpress.org/trunk@38968
git-svn-id: http://core.svn.wordpress.org/trunk@38911 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-26 21:37:31 +00:00
Boone Gorges
91b518a716
REST API: Use term-specific caps for permission checks in term update and delete endpoints.
...
See #38505 .
Built from https://develop.svn.wordpress.org/trunk@38960
git-svn-id: http://core.svn.wordpress.org/trunk@38903 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-26 14:52:29 +00:00
Rachel Baker
0c2a6184eb
REST API: Add constructor to the `WP_REST_Settings_Controller` class.
...
Provides consistency with the other API endpoint controller classes.
Props Soean.
Fixes #38429 .
Built from https://develop.svn.wordpress.org/trunk@38954
git-svn-id: http://core.svn.wordpress.org/trunk@38897 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-26 13:45:47 +00:00
Gary Pendergast
6b4357e14b
REST API: Deprecate the `rest_enabled` filter.
...
As the REST API becomes more integral to WordPress Core, turning it off will cause a... suboptimal experience. If we don't want it to be turned off, the off switch needs to be removed.
Props jorbin, pento.
Fixes #38446 .
Built from https://develop.svn.wordpress.org/trunk@38947
git-svn-id: http://core.svn.wordpress.org/trunk@38890 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-26 06:28:30 +00:00
Rachel Baker
b13da6ae73
REST API: Add missing sanitization callback for the `hide_empty` parameter of the Terms Controller.
...
Fixes a bug where the boolean parameter `hide_empty` was not being properly sanitized in the Terms controller.
Props websupporter.
Fixes #38465 .
Built from https://develop.svn.wordpress.org/trunk@38942
git-svn-id: http://core.svn.wordpress.org/trunk@38885 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-26 02:29:30 +00:00
Joe Hoyle
e8a311ed02
REST API: Validate posts status enum
...
Currently we are using a different validate callback, so the `enum` is not interpretted. We just have to fallback to the result of `rest_validate_request_arg` in our custom wrapper function.
Fixes #38417 .
Built from https://develop.svn.wordpress.org/trunk@38911
git-svn-id: http://core.svn.wordpress.org/trunk@38854 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-25 17:13:28 +00:00
Rachel Baker
cdce9d5dac
REST API: Allow comments to be created setting the user_agent parameter.
...
As of WordPress 4.3 the `wp_new_comment()` function has been updated to allow the comment_agent value to be set when a comment is created. The comments API endpoint now allows the comment author's user agent to be set when creating a comment.
Also, the `readonly` property on the `author_user_agent` parameter in the schema was removed.
Props rabmalin for the initial patch.
Fixes #38425 .
Built from https://develop.svn.wordpress.org/trunk@38864
git-svn-id: http://core.svn.wordpress.org/trunk@38807 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-21 18:28:32 +00:00
Rachel Baker
e4a7c0a397
REST API: Introduce the Content API endpoints.
...
REST API endpoints for your WordPress content. These endpoints provide machine-readable external access to your WordPress site with a clear, standards-driven interface, allowing new and innovative apps for interacting with your site. These endpoints support all of the following:
- Posts: Read and write access to all post data, for all types of post-based data, including pages and media.
- Comments: Read and write access to all comment data. This includes pingbacks and trackbacks.
- Terms: Read and write access to all term data.
- Users: Read and write access to all user data. This includes public access to some data for post authors.
- Meta: Read and write access to metadata for posts, comments, terms, and users, on an opt-in basis from plugins.
- Settings: Read and write access to settings, on an opt-in basis from plugins and core. This enables API management of key site content values that are technically stored in options, such as site title and byline.
Love your REST API, WordPress! The infrastructure says, "Let's do lunch!" but the content API endpoints say, "You're paying!"
Props rmccue, rachelbaker, danielbachhuber, joehoyle, adamsilverstein, afurculita, ahmadawais, airesvsg, alisspers, antisilent, apokalyptik, artoliukkonen, attitude, boonebgorges, bradyvercher, brianhogg, caseypatrickdriscoll, chopinbach, chredd, christianesperar, chrisvanpatten, claudiolabarbera, claudiosmweb, cmmarslender, codebykat, coderkevin, codfish, codonnell822, daggerhart, danielpunkass, davidbhayes, delphinus, desrosj, dimadin, dotancohen, DrewAPicture, Dudo1985, duncanjbrown, eherman24, eivhyl, eliorivero, elyobo, en-alis, ericandrewlewis, ericpedia, evansobkowicz, fjarrett, frozzare, georgestephanis, greatislander, guavaworks, hideokamoto, hkdobrev, hubdotcom, hurtige, iandunn, ircrash, ironpaperweight, iseulde, Japh, jaredcobb, JDGrimes, jdolan, jdoubleu, jeremyfelt, jimt, jjeaton, jmusal, jnylen0, johanmynhardt, johnbillion, jonathanbardo, jorbin, joshkadis, JPry, jshreve, jtsternberg, JustinSainton, kacperszurek, kadamwhite, kalenjohnson, kellbot, kjbenk, kokarn, krogsgard, kuchenundkakao, kuldipem, kwight, lgedeon, lukepettway, mantismamita, markoheijnen, matrixik, mattheu, mauteri, maxcutler, mayukojpn, michael-arestad, miyauchi, mjbanks, modemlooper, mrbobbybryant, NateWr, nathanrice, netweb, NikV, nullvariable, oskosk, oso96_2000, oxymoron, pcfreak30, pento, peterwilsoncc, Pezzab, phh, pippinsplugins, pjgalbraith, pkevan, pollyplummer, pushred, quasel, QWp6t, schlessera, schrapel, Shelob9, shprink, simonlampen, Soean, solal, tapsboy, tfrommen, tharsheblows, thenbrent, tierra, tlovett1, tnegri, tobych, Toddses, toro_unit, traversal, vanillalounge, vishalkakadiya, wanecek, web2style, webbgaraget, websupporter, westonruter, whyisjake, wonderboymusic, wpsmith, xknown, zyphonic.
Fixes #38373 .
Built from https://develop.svn.wordpress.org/trunk@38832
git-svn-id: http://core.svn.wordpress.org/trunk@38775 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-20 02:55:32 +00:00
Dominik Schilling
ae2ff33c91
Docs: Improve formatting of filter docs added in [38689].
...
Fixes #35590 .
Built from https://develop.svn.wordpress.org/trunk@38749
git-svn-id: http://core.svn.wordpress.org/trunk@38692 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-07 19:24:28 +00:00
Joe Hoyle
d72da116be
REST API: Add filters to allow creating REST API middleware plugins.
...
Introduce two new filters: `rest_request_before_callbacks` and `rest_request_after_callbacks` to
assist REST API middleware plugins to perform pre-callback and cleanup hooks such as `switch_to_blog()`
or caching implementations.
Props jnylen0.
Fixes #35590 .
Built from https://develop.svn.wordpress.org/trunk@38689
git-svn-id: http://core.svn.wordpress.org/trunk@38632 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-30 20:12:28 +00:00
Joe Hoyle
794dd5d8cb
REST API: Enable sanitize_callback to return WP_Error.
...
Give developers the opportunity to reject incoming data without using the validation callback. It also enables us to do sanitization and validation in one function in instances where this could be useful.
Props websupporter, rmccue.
Fixes #37560 .
Built from https://develop.svn.wordpress.org/trunk@38601
git-svn-id: http://core.svn.wordpress.org/trunk@38544 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-14 15:50:29 +00:00
Dominik Schilling
97bf32c66a
Text Changes: Unify/merge two more permission error messages.
...
Props ramiy.
Fixes #34521 .
Built from https://develop.svn.wordpress.org/trunk@38037
git-svn-id: http://core.svn.wordpress.org/trunk@37978 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-12 11:45:29 +00:00
Rachel Baker
e5fcbb3514
REST API: Reverse order of setting sanitization/validation, validating prior to sanitizing.
...
Fixes mistake in the current behavior, where the sanitization callback ran before the validation callback. Now the validation callback will run before the sanitization.
Props schlessera, rachelbaker.
See #37247 .
Fixes #37192 .
Built from https://develop.svn.wordpress.org/trunk@37943
git-svn-id: http://core.svn.wordpress.org/trunk@37884 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-02 23:03:27 +00:00
Rachel Baker
a475d0a161
REST API: Include auto-discovery Link header when serving API requests.
...
The Link header allows clients to verify if a site has made the REST API available, as well as indicating how to access it.
Props danielbachhuber.
Fixes #35580 .
Built from https://develop.svn.wordpress.org/trunk@37903
git-svn-id: http://core.svn.wordpress.org/trunk@37844 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-29 01:57:55 +00:00
Rachel Baker
228c60a222
REST API: Include X-Robots-Tag: noindex header in REST API responses to prevent endpoints from being indexed by search engines.
...
Prevent duplicate content issues with search engines and REST API endpoint response data.
Fixes #36390 .
Props m_uysl for the initial patch.
Built from https://develop.svn.wordpress.org/trunk@37726
git-svn-id: http://core.svn.wordpress.org/trunk@37692 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-16 14:59:28 +00:00
Peter Wilson
47d26cd9fb
DOCS: Replace HTTP links with HTTPS.
...
Replaces unsecure links in documentation and translator comments with their secure versions.
Props johnpgreen, netweb
Fixes #36993
Built from https://develop.svn.wordpress.org/trunk@37674
git-svn-id: http://core.svn.wordpress.org/trunk@37640 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-10 04:50:33 +00:00
Rachel Baker
99cca27041
REST API: Create the general `wp_check_jsonp_callback()` function for validating JSONP callback functions.
...
Move the REST API JSONP callback validation check into a separate function named `wp_check_jsonp_callback()`. This allows plugins to use the built-in validation when handling JSONP callbacks.
Extremely Important Note: If you send JSONP in your custom response, make sure you prefix the response with `/**/`. This will mitigate the Rosetta Flash exploit. You should also send the `X-Content-Type-Options:nosniff` header, or even better, use the REST API infrastructure.
Props rmccue.
Fixes #28523 .
Built from https://develop.svn.wordpress.org/trunk@37646
git-svn-id: http://core.svn.wordpress.org/trunk@37612 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-06-06 21:34:28 +00:00
Drew Jaynes
f03eef071e
Docs: Standardize hook docs in wp-includes/rest-api/* to use third-person singular verbs per the inline documentation standards for PHP.
...
See #36913 .
Built from https://develop.svn.wordpress.org/trunk@37490
git-svn-id: http://core.svn.wordpress.org/trunk@37458 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-22 18:08:29 +00:00
Drew Jaynes
b1804afeaf
Docs: Standardize on 'backward compatibility/compatible' nomenclature in core inline docs.
...
Also use 'back-compat' in some inline comments where backward compatibility is the subject and shorthand feels more natural.
Note: 'backwards compatibility/compatibile' can also be considered correct, though it's primary seen in regular use in British English.
Props ocean90.
Fixes #36835 .
Built from https://develop.svn.wordpress.org/trunk@37431
git-svn-id: http://core.svn.wordpress.org/trunk@37397 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-13 18:41:31 +00:00
Drew Jaynes
fe3b007fdd
Docs: Remove inline `@see` tags from function, class, and method references in inline docs.
...
Known functions, classes, and methods are now auto-linked in Code Reference pages following #meta1483.
Note: Hook references are still linked via inline `@see` tags due to the unlikelihood of reliably matching for known hooks based on a RegEx pattern.
See #32246 .
Built from https://develop.svn.wordpress.org/trunk@37342
git-svn-id: http://core.svn.wordpress.org/trunk@37308 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-05-02 04:00:28 +00:00
Mark Jaquith
31152de134
REST API: Deliver parameters unadulterated instead of slashed.
...
We goofed, and parameters accessed through the REST API's methods
were slashed (inconsistently, even). This unslashes the data, so
you get the un-messed-with data that was sent.
Props joehoyle.
Fixes #36419 .
Built from https://develop.svn.wordpress.org/trunk@37163
git-svn-id: http://core.svn.wordpress.org/trunk@37130 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-04-06 21:02:28 +00:00
Joe Hoyle
a07988c1c5
REST API: Provide better method for generating CURIEs
...
In [36533] CURIEs were added to the API responses for the link relation URIs, this makes
it a lot easier for clients to look up links by relation. That patch was functional, but
broke on edge cases such as embedded responses and collection items with links in the items.
This patch instead takes a less obtrusive approach by creating a new `get_compact_response_links`
to compliment `get_response_links` making both old and new functionality available.
Also the regex for curie relations has been relaxed to `.+` as rel names can have any uri-valid charector in it.
Fixes #34729 .
Built from https://develop.svn.wordpress.org/trunk@37041
git-svn-id: http://core.svn.wordpress.org/trunk@37008 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-22 00:16:27 +00:00
Rachel Baker
6edbcc88ff
REST API: Add `home_url` to API index to avoid confusion with `site_url`.
...
Confusion abound, the API index is the generic term `url` to display the `site_url`. New `home` key will display the `home_url` in the index as well.
Fixes #35647 .
Built from https://develop.svn.wordpress.org/trunk@37031
git-svn-id: http://core.svn.wordpress.org/trunk@36998 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-17 19:16:29 +00:00
Rachel Baker
76d14c1d24
REST API: Remove unused variable `$api_root` from WP_Rest_Server->embed_links() method.
...
After [r36674] the variable `$api_root` is no longer used in this method and should be removed.
See #35803 .
Built from https://develop.svn.wordpress.org/trunk@37021
git-svn-id: http://core.svn.wordpress.org/trunk@36988 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-16 21:41:28 +00:00
Drew Jaynes
a65c79b3d2
Docs: Use a third-person singular verb in the DocBlock summary for `WP_REST_Response::get_curies()`, introduced in [36533].
...
Also adds a missing return description.
See #34729 . See #35986 .
Built from https://develop.svn.wordpress.org/trunk@37015
git-svn-id: http://core.svn.wordpress.org/trunk@36982 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-16 16:54:26 +00:00
Drew Jaynes
ddf7375217
Docs: Improve parameter description syntax in the hook doc for the `rest_request_from_url` filter, introduced in [36673].
...
See #35803 . See #35986 ,
Built from https://develop.svn.wordpress.org/trunk@37014
git-svn-id: http://core.svn.wordpress.org/trunk@36981 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-16 16:52:27 +00:00
Drew Jaynes
408da605e4
Docs: Improve the DocBlock for `WP_REST_Request::from_url()`, introduced in [36673].
...
See #35803 . See #35986 .
Built from https://develop.svn.wordpress.org/trunk@37013
git-svn-id: http://core.svn.wordpress.org/trunk@36980 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-03-16 16:50:27 +00:00
Ryan McCue
937b0c3241
REST API: Use WP_REST_Request::from_url() when embedding.
...
See #35803 .
Built from https://develop.svn.wordpress.org/trunk@36674
git-svn-id: http://core.svn.wordpress.org/trunk@36641 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-24 04:20:25 +00:00
Ryan McCue
0b7e133054
REST API: Add WP_REST_Request::from_url()
...
Allows converting a REST URL into a Request object.
Props danielbachhuber.
Fixes #35803 .
Built from https://develop.svn.wordpress.org/trunk@36673
git-svn-id: http://core.svn.wordpress.org/trunk@36640 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-24 04:01:26 +00:00
Drew Jaynes
a0aa608970
Docs: Improve documentation for `WP_REST_Request` to highlight a caveat of ArrayAccess when it comes to passing similar arguments for multiple request methods.
...
Props danielbachhuber, DrewAPicture.
Fixes #35799 .
Built from https://develop.svn.wordpress.org/trunk@36636
git-svn-id: http://core.svn.wordpress.org/trunk@36603 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-23 16:57:26 +00:00
Rachel Baker
9fdb970ceb
Docs: Add missing @since and @access tags to `get_curies` method and filter from r36533
...
See #34729 , #32246 .
Built from https://develop.svn.wordpress.org/trunk@36593
git-svn-id: http://core.svn.wordpress.org/trunk@36560 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-19 23:42:27 +00:00
Drew Jaynes
e020ccd081
Docs: Add formatting to a changelog entry in the hook doc for the `rest_dispatch_request` filter.
...
See [36534]. See #32246 .
Built from https://develop.svn.wordpress.org/trunk@36576
git-svn-id: http://core.svn.wordpress.org/trunk@36543 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-18 18:18:25 +00:00
Ryan McCue
3e65236aa7
REST API: Apply rest_post_dispatch to embedded responses.
...
Fixes #35628 .
Props @danielbachhuber.
Built from https://develop.svn.wordpress.org/trunk@36536
git-svn-id: http://core.svn.wordpress.org/trunk@36503 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-16 06:06:27 +00:00
Ryan McCue
03ba67a0b7
REST API: Allow explicit HEAD callbacks.
...
HEAD callbacks can now be registered independently, with the GET
callback still used as a fallback.
Fixes #34841 .
Built from https://develop.svn.wordpress.org/trunk@36535
git-svn-id: http://core.svn.wordpress.org/trunk@36502 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-16 05:51:26 +00:00
Ryan McCue
0438795671
REST API: Add routing args to rest_dispatch_request filter.
...
This allows requests to be hijacked via the filter more easily.
Fixes #35507 .
Built from https://develop.svn.wordpress.org/trunk@36534
git-svn-id: http://core.svn.wordpress.org/trunk@36501 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-16 04:40:26 +00:00
Ryan McCue
47bee5157b
REST API: Add support for CURIEs.
...
CURIEs are Compact URIs, which provide a more usable way to use
custom relations in the API. The `wp` CURIE is registered by default
for `https://api.w.org/ ` URI relations.
Fixes #34729 .
Props joehoyle.
Built from https://develop.svn.wordpress.org/trunk@36533
git-svn-id: http://core.svn.wordpress.org/trunk@36500 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-02-16 02:19:27 +00:00
Joe Hoyle
ee94a28953
REST API: Improve formatting of failed validation errors.
...
If a validation_callback returns a WP_Error it should give the same response format as if it returned `false`. This makes programmatically reading the validation errors better.
Props bradyvercher for initial patch.
Fixes #35028 .
Built from https://develop.svn.wordpress.org/trunk@35890
git-svn-id: http://core.svn.wordpress.org/trunk@35854 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-12 18:23:28 +00:00
Scott Taylor
4ae83ec7ec
REST API: Core typically sends nocache headers on all auth'ed responses, as in `wp`, `admin-ajax`, etc. Because the REST API infrastructure is hooked in pre-wp, we should be setting this ourselves.
...
Adds unit tests.
Props joehoyle.
Fixes #34832 .
Built from https://develop.svn.wordpress.org/trunk@35773
git-svn-id: http://core.svn.wordpress.org/trunk@35737 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-04 23:36:25 +00:00
Mark Jaquith
6cc98e6fcd
Route HEAD API requests through the GET callback method
...
fixes #34837
props danielbachhuber
Built from https://develop.svn.wordpress.org/trunk@35758
git-svn-id: http://core.svn.wordpress.org/trunk@35722 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-12-03 16:34:25 +00:00
Ryan McCue
d1436af513
REST API: Unabbreviate error string.
...
Props daniel-koskinen.
Fixes #34818 .
Built from https://develop.svn.wordpress.org/trunk@35750
git-svn-id: http://core.svn.wordpress.org/trunk@35714 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-30 09:51:27 +00:00
Ryan McCue
7ce9772866
REST API: Mark WP_REST_Server::get_raw_data as static.
...
This is just a utility function for getting the request body, not
tied to the server class.
Fixes #34768 .
Built from https://develop.svn.wordpress.org/trunk@35741
git-svn-id: http://core.svn.wordpress.org/trunk@35705 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-25 22:22:25 +00:00
Andrew Nacin
1579e45d41
Simplify the include graph after work to split out classes.
...
see #33413 . More details there.
Built from https://develop.svn.wordpress.org/trunk@35718
git-svn-id: http://core.svn.wordpress.org/trunk@35682 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-20 07:24:30 +00:00
John Blackbourn
16502d03f2
Remove `register_api_field()` from core. This is the only core function that utilises the `$wp_rest_additional_fields` global, and doesn't belong as part of the infrastructure.
...
See https://github.com/WP-API/WP-API/pull/1748
Fixes #34730
Built from https://develop.svn.wordpress.org/trunk@35687
git-svn-id: http://core.svn.wordpress.org/trunk@35651 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-18 20:39:26 +00:00
John Blackbourn
407f641cf3
Update `WP_REST_Response::as_error()` to handle the new format error responses introduced in [35653].
...
Props danielbachhuber
Fixes #34551
Built from https://develop.svn.wordpress.org/trunk@35671
git-svn-id: http://core.svn.wordpress.org/trunk@35635 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-18 18:29:26 +00:00
Ryan McCue
0801acbdd8
REST API: Remove redundant "0" parameter.
...
This is just an artifact of how we parse the URL, and is already available
via $request->get_route()
Props danielbachhuber.
Fixes #34647 .
Built from https://develop.svn.wordpress.org/trunk@35659
git-svn-id: http://core.svn.wordpress.org/trunk@35623 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-18 07:24:28 +00:00
Ryan McCue
81ffd2492c
REST API: Optimise for singular error instances.
...
Previously, the API returned a list of errors, as WP_Error can hold multiple
error codes internally. This isn't a particularly common use case, and it
makes handling errors on the client side more complex than it needs to be.
Fixes #34551 .
Built from https://develop.svn.wordpress.org/trunk@35653
git-svn-id: http://core.svn.wordpress.org/trunk@35617 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-17 04:12:26 +00:00
Ryan McCue
9524ebb38e
REST API: Include enum and description in help data.
...
Props lcherpit.
Fixes #34543 .
Built from https://develop.svn.wordpress.org/trunk@35652
git-svn-id: http://core.svn.wordpress.org/trunk@35616 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-17 02:49:28 +00:00
Ryan McCue
b03e036e94
REST API: Require namespace when registering routes.
...
Props danielbachhuber.
Fixes #34416 .
Built from https://develop.svn.wordpress.org/trunk@35651
git-svn-id: http://core.svn.wordpress.org/trunk@35615 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-17 02:39:30 +00:00
Ryan McCue
b0ee5efef2
REST API: Change link relations to api.w.org
...
Fixes #34303 .
Built from https://develop.svn.wordpress.org/trunk@35650
git-svn-id: http://core.svn.wordpress.org/trunk@35614 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-17 02:24:27 +00:00
Dominik Schilling
5403b62a6a
REST API: Use correct `@access` tag for `WP_REST_Request->get_parameter_order()`.
...
Props Frozzare.
Fixes #34624 .
Built from https://develop.svn.wordpress.org/trunk@35612
git-svn-id: http://core.svn.wordpress.org/trunk@35576 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-11 19:39:25 +00:00
Scott Taylor
16637eeee4
REST API: in `WP_REST_Server::dispatch()`, move `preg_match()` out of it's current loop, which doesn't affect the context passed to it.
...
Props TobiasBg.
Fixes #34488 .
Built from https://develop.svn.wordpress.org/trunk@35514
git-svn-id: http://core.svn.wordpress.org/trunk@35478 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-11-04 21:23:25 +00:00
Scott Taylor
a36900c076
REST API: remove the `@internal` annotation from `rest_api_default_filters()`.
...
Props swissspidy, rachelbaker.
Fixes #34219 .
Built from https://develop.svn.wordpress.org/trunk@35474
git-svn-id: http://core.svn.wordpress.org/trunk@35438 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-31 20:08:25 +00:00
John Blackbourn
37c2054778
Remove trailing whitespace introduced in [35351].
...
Props rachelbaker
Unprops johnbillion
Fixes #34512
Built from https://develop.svn.wordpress.org/trunk@35462
git-svn-id: http://core.svn.wordpress.org/trunk@35426 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-30 21:39:25 +00:00
Sergey Biryukov
5d9dc4b8bf
REST API: Use correct version in `_doing_it_wrong()` call.
...
Props TobiasBg.
Fixes #34490 .
Built from https://develop.svn.wordpress.org/trunk@35434
git-svn-id: http://core.svn.wordpress.org/trunk@35398 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-29 20:12:24 +00:00
Sergey Biryukov
e7082e31dd
REST API: Add missing translator comments for deprecated function and argument strings.
...
Props akirk.
Fixes #34486 .
Built from https://develop.svn.wordpress.org/trunk@35433
git-svn-id: http://core.svn.wordpress.org/trunk@35397 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-29 19:04:26 +00:00
Scott Taylor
31e0b06125
REST API: don't load `wp-admin/includes/admin.php` on every request.
...
Props swissspidy.
Fixes #34395 .
Built from https://develop.svn.wordpress.org/trunk@35353
git-svn-id: http://core.svn.wordpress.org/trunk@35319 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-22 16:29:28 +00:00
John Blackbourn
7757d04ce3
Force the REST API URL to use `https` for its scheme when the current request is served over HTTPS and the host name matches that of the REST API URL.
...
This allows sites to use an admin area over HTTPS with the front end over HTTP, and not end up with a cross-protocol problem when using the REST API URL in the admin area.
Fixes #34299
Built from https://develop.svn.wordpress.org/trunk@35351
git-svn-id: http://core.svn.wordpress.org/trunk@35317 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-22 00:08:26 +00:00
John Blackbourn
e552b77739
Revert [34352], pending investigation.
...
See #34299
Built from https://develop.svn.wordpress.org/trunk@35349
git-svn-id: http://core.svn.wordpress.org/trunk@35315 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-21 23:06:30 +00:00
John Blackbourn
f7f5b64a7e
Force the REST API URL to use `https` for its scheme when the current request is served over HTTPS and the host name matches that of the REST API URL.
...
This allows sites to use an admin area over HTTPS with the front end over HTTP, and not end up with a cross-protocol problem when using the REST API URL in the admin area.
Fixes #34299
Built from https://develop.svn.wordpress.org/trunk@35342
git-svn-id: http://core.svn.wordpress.org/trunk@35308 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-21 20:38:50 +00:00
Drew Jaynes
6a51505a23
Docs: Improve the return description in the DocBlock for `rest_send_allow_header()`.
...
Props danielbachhuber.
Fixes #34374 .
Built from https://develop.svn.wordpress.org/trunk@35324
git-svn-id: http://core.svn.wordpress.org/trunk@35290 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-21 13:48:27 +00:00
Sergey Biryukov
116f59af60
REST API: Change nonce name to `_wpnonce`.
...
It's shorter and is compatible with the default name in `wp_nonce_field()`.
Props danielbachhuber.
Fixes #34375 .
Built from https://develop.svn.wordpress.org/trunk@35323
git-svn-id: http://core.svn.wordpress.org/trunk@35289 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-21 08:14:24 +00:00
Drew Jaynes
a92d4f6fcb
Docs: Update the default scheme for `get_rest_url()` from 'json' to 'rest'.
...
Also adds 'rest' to the documented list of schemes for `home_url()`, `get_home_url()`, `set_url_scheme()`, and the `home_url` and `set_url_scheme` hooks.
Props rachelbaker.
Fixes #34300 .
Built from https://develop.svn.wordpress.org/trunk@35274
git-svn-id: http://core.svn.wordpress.org/trunk@35240 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-19 22:39:25 +00:00
Drew Jaynes
fd9bcf111d
Docs: Fix a typo in the `$blog_id` parameter name in the `rest_url` filter doc.
...
Props rachelbaker.
Fixes #34351 .
Built from https://develop.svn.wordpress.org/trunk@35266
git-svn-id: http://core.svn.wordpress.org/trunk@35232 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-18 23:12:25 +00:00
Scott Taylor
c756465146
HTTP/REST API: move `WP_HTTP_Response` to `wp-includes/` with the rest (ha!) of the HTTP classes. This is PHP 5.2, so this class is global, and as per @rmccue, unrelated to REST specifically.
...
See [34930], #33982 .
Built from https://develop.svn.wordpress.org/trunk@34953
git-svn-id: http://core.svn.wordpress.org/trunk@34918 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-10-08 19:27:28 +00:00