diff --git a/src/wp-includes/rest-api/class-wp-rest-request.php b/src/wp-includes/rest-api/class-wp-rest-request.php
index 3c465ba..d37ab61 100644
a
|
b
|
class WP_REST_Request implements ArrayAccess { |
818 | 818 | continue; |
819 | 819 | } |
820 | 820 | foreach ( $this->params[ $type ] as $key => $value ) { |
821 | | // if no sanitize_callback was specified, default to rest_parse_request_arg |
822 | | // if a type was specified in the args. |
823 | | if ( ! isset( $attributes['args'][ $key ]['sanitize_callback'] ) && ! empty( $attributes['args'][ $key ]['type'] ) ) { |
824 | | $attributes['args'][ $key ]['sanitize_callback'] = 'rest_parse_request_arg'; |
| 821 | if ( ! isset( $attributes['args'][ $key ] ) ) { |
| 822 | continue; |
| 823 | } |
| 824 | $param_args = $attributes['args'][ $key ]; |
| 825 | |
| 826 | // If the arg has a type but no sanitize_callback attribute, default to rest_parse_request_arg. |
| 827 | if ( ! array_key_exists( 'sanitize_callback', $param_args ) && ! empty( $param_args['type'] ) ) { |
| 828 | $param_args['sanitize_callback'] = 'rest_parse_request_arg'; |
825 | 829 | } |
826 | | // Check if this param has a sanitize_callback added. |
827 | | if ( ! isset( $attributes['args'][ $key ] ) || empty( $attributes['args'][ $key ]['sanitize_callback'] ) ) { |
| 830 | // If there's still no sanitize_callback, nothing to do here. |
| 831 | if ( empty( $param_args['sanitize_callback'] ) ) { |
828 | 832 | continue; |
829 | 833 | } |
830 | 834 | |
831 | | $sanitized_value = call_user_func( $attributes['args'][ $key ]['sanitize_callback'], $value, $this, $key ); |
| 835 | $sanitized_value = call_user_func( $param_args['sanitize_callback'], $value, $this, $key ); |
832 | 836 | |
833 | 837 | if ( is_wp_error( $sanitized_value ) ) { |
834 | 838 | $invalid_params[ $key ] = $sanitized_value->get_error_message(); |
diff --git a/tests/phpunit/tests/rest-api/rest-request.php b/tests/phpunit/tests/rest-api/rest-request.php
index de44844..dd87e2b 100644
a
|
b
|
class Tests_REST_Request extends WP_UnitTestCase { |
342 | 342 | $this->assertEquals( 'rest_invalid_param', $valid->get_error_code() ); |
343 | 343 | } |
344 | 344 | |
| 345 | public function test_sanitize_params_with_null_callback() { |
| 346 | $this->request->set_url_params( array( |
| 347 | 'some_email' => '', |
| 348 | ) ); |
| 349 | |
| 350 | $this->request->set_attributes( array( |
| 351 | 'args' => array( |
| 352 | 'some_email' => array( |
| 353 | 'type' => 'string', |
| 354 | 'format' => 'email', |
| 355 | 'sanitize_callback' => null, |
| 356 | ), |
| 357 | ), |
| 358 | ) ); |
| 359 | |
| 360 | $this->assertTrue( $this->request->sanitize_params() ); |
| 361 | } |
| 362 | |
| 363 | public function test_sanitize_params_with_false_callback() { |
| 364 | $this->request->set_url_params( array( |
| 365 | 'some_uri' => 1.23422, |
| 366 | ) ); |
| 367 | |
| 368 | $this->request->set_attributes( array( |
| 369 | 'args' => array( |
| 370 | 'some_uri' => array( |
| 371 | 'type' => 'string', |
| 372 | 'format' => 'uri', |
| 373 | 'sanitize_callback' => false, |
| 374 | ), |
| 375 | ), |
| 376 | ) ); |
| 377 | |
| 378 | $this->assertTrue( $this->request->sanitize_params() ); |
| 379 | } |
| 380 | |
345 | 381 | public function test_has_valid_params_required_flag() { |
346 | 382 | $this->request->set_attributes( array( |
347 | 383 | 'args' => array( |