Skip to content

Commit 0bdddbc

Browse files
liaisontwliaisontw
committed
REST API: fix object/array validation for JSON strings in GET requestsThis commit aligns GET parameter handling with POST requests by allowingJSON-encoded strings to pass 'object' and 'array' validation andsanitization.- Added JSON coercion in rest_validate_value_from_schema().- Added JSON coercion in rest_sanitize_value_from_schema().- Supports multi-type schemas and uses json_last_error() for safety.Fixes #64926
1 parent 334337a commit 0bdddbc

1 file changed

Lines changed: 38 additions & 0 deletions

File tree

src/wp-includes/rest-api.php

Lines changed: 38 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2182,6 +2182,25 @@ function rest_get_allowed_schema_keywords() {
21822182
* @return true|WP_Error
21832183
*/
21842184
function rest_validate_value_from_schema( $value, $args, $param = '' ) {
2185+
// Ensure GET requests can handle JSON-encoded objects/arrays,
2186+
// aligning with POST body parsing.
2187+
$type = isset( $args['type'] ) ? $args['type'] : '';
2188+
2189+
$is_structured = ( 'object' === $type || 'array' === $type );
2190+
if ( ! $is_structured && is_array( $type ) ) {
2191+
$is_structured = in_array( 'object', $type, true ) || in_array( 'array', $type, true );
2192+
}
2193+
2194+
if ( is_string( $value ) && $is_structured ) {
2195+
$decoded = json_decode( $value, true );
2196+
2197+
// Verify it's valid JSON and not just a string that looks like one.
2198+
if ( json_last_error() === JSON_ERROR_NONE ) {
2199+
// Additional safety: ensure null values or empty arrays are handled correctly.
2200+
$value = $decoded;
2201+
}
2202+
}
2203+
21852204
if ( isset( $args['anyOf'] ) ) {
21862205
$matching_schema = rest_find_any_matching_schema( $value, $args, $param );
21872206
if ( is_wp_error( $matching_schema ) ) {
@@ -2780,6 +2799,25 @@ function rest_validate_integer_value_from_schema( $value, $args, $param ) {
27802799
* @return mixed|WP_Error The sanitized value or a WP_Error instance if the value cannot be safely sanitized.
27812800
*/
27822801
function rest_sanitize_value_from_schema( $value, $args, $param = '' ) {
2802+
// Ensure GET requests can handle JSON-encoded objects/arrays,
2803+
//aligning with POST body parsing.
2804+
$type = isset( $args['type'] ) ? $args['type'] : '';
2805+
2806+
$is_structured = ( 'object' === $type || 'array' === $type );
2807+
if ( ! $is_structured && is_array( $type ) ) {
2808+
$is_structured = in_array( 'object', $type, true ) || in_array( 'array', $type, true );
2809+
}
2810+
2811+
if ( is_string( $value ) && $is_structured ) {
2812+
$decoded = json_decode( $value, true );
2813+
2814+
// Verify it's valid JSON and not just a string that looks like one.
2815+
if ( json_last_error() === JSON_ERROR_NONE ) {
2816+
// Additional safety: ensure null values or empty arrays are handled correctly.
2817+
$value = $decoded;
2818+
}
2819+
}
2820+
27832821
if ( isset( $args['anyOf'] ) ) {
27842822
$matching_schema = rest_find_any_matching_schema( $value, $args, $param );
27852823
if ( is_wp_error( $matching_schema ) ) {

0 commit comments

Comments
 (0)