8000 Disable the schema sanitization on content / excerpt / title · WP-API/WP-API@b780810 · GitHub

This repository was archived by the owner on Sep 24, 2018. It is now read-only.

Commit b780810

committed
Disable the schema sanitization on content / excerpt / title
polymorphics These values are polymorphic, so we can't do any smart sanitization based off the schema (this sanitization is already implemented in the `prepare_item_for_database()` function). We'll be supporting deep object and array validation from the schema at some point, where we won't want the schema validation for these polymorphic fields. It is only because we _don't_ validate / sanitize fields of type object right now that these slip through the net.
1 parent d7250a7 commit b780810


2 files changed

+12
-0
lines changed


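--- a/lib/endpoints/class-wp-rest-comments-controller.php
+++ b/lib/endpoints/class-wp-rest-comments-controller.php
@@ -953,6 +953,9 @@ public function get_item_schema() {
 'description' => __( 'The content for the object.' ),
 'type' => 'object',
 'context' => array( 'view', 'edit', 'embed' ),
+'arg_options' => array(
+'sanitize_callback' => null,
+),
 'properties' => array(
 'raw' => array(
 'description' => __( 'Content for the object, as it exists in the database.' ),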
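Review bot: The `'sanitize_callback' => null` override on the comment `content` entry carries no comment saying why schema sanitization is switched off, and the same bare override is repeated for title, content and excerpt in class-wp-rest-posts-controller.php. According to the commit description the value is polymorphic and is sanitized in `prepare_item_for_database()`; because this field presumably carries user-supplied markup, that invariant belongs next to the override so a later change neither drops the downstream step nor "restores" the callback by mistake. I would add above the `arg_options` line: `// Polymorphic value: schema sanitization is disabled on purpose; sanitization happens in prepare_item_for_database().` get_item_schema() starts and ends outside the hunk, so whether other object-typed fields need the same treatment cannot be judged from here.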

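--- a/lib/endpoints/class-wp-rest-posts-controller.php
+++ b/lib/endpoints/class-wp-rest-posts-controller.php
@@ -1613,6 +1613,9 @@ public function get_item_schema() {
 'description' => __( 'The title for the object.' ),
 'type' => 'object',
 'context' => array( 'view', 'edit', 'embed' ),
+'arg_options' => array(
+'sanitize_callback' => null,
+),
 'properties' => array(
 'raw' => array(
 'description' => __( 'Title for the object, as it exists in the database.' ),
@@ -1634,6 +1637,9 @@ public function get_item_schema() {
 'description' => __( 'The content for the object.' ),
 'type' => 'object',
 'context' => array( 'view', 'edit' ),
+'arg_options' => array(
+'sanitize_callback' => null,
+),
 'properties' => array(
 'raw' => array(
 'description' => __( 'Content for the object, as it exists in the database.' ),
@@ -1669,6 +1675,9 @@ public function get_item_schema() {
 'description' => __( 'The excerpt for the object.' ),
 'type' => 'object',
 'context' => array( 'view', 'edit', 'embed' ),
+'arg_options' => array(
+'sanitize_callback' => null,
+),
 'properties' => array(
 'raw' => array(
 'description' => __( 'Excerpt for the object, as it exists in the database.' ),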
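Review bot: Only `sanitize_callback` is nulled for title, content and excerpt; `validate_callback` stays at whatever default the schema-to-args conversion assigns, which is not visible in this diff. The commit description says schema validation is also unwanted for these polymorphic fields once deep object validation lands, so if that default checks against `'type' => 'object'`, a plain-string value would presumably start being rejected at that point. The intended validation behaviour should be made explicit in each `arg_options` array, for example `'validate_callback' => null,` with a comment naming `prepare_item_for_database()` as the place where the check lives. The commit changes no test file, so a regression test that submits each field both as a string and as an object with `raw`, and asserts that both forms are stored with the same sanitization applied, would pin the security-relevant behaviour. get_item_schema() starts and ends outside these hunks.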
