WordPress.org
Get WordPress

Make WordPress Core

Ticket #59234: Perform_json_validate_before_json_decode_on_REST_API_request_data.patch

File Perform_json_validate_before_json_decode_on_REST_API_request_data.patch, 929 bytes (added by nicomollet, 18 months ago)

REST API controller json_validate before json_decode

  • src/wp-includes/rest-api/class-wp-rest-request.php 

    Subject: [PATCH] Perform json_validate before json_decode on REST API request data
---
IDEA additional info:
Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP
<+>UTF-8
diff --git a/src/wp-includes/rest-api/class-wp-rest-request.php b/src/wp-includes/rest-api/class-wp-rest-request.php
    a b  
    682682                        return true;
    683683                }
    684684
     685                // Perform validation if json_validate is available.
     686                if ( function_exists( 'json_validate' ) && json_validate( $body, true ) === false ) {
     687                        return new WP_Error( 'rest_invalid_json', 'Invalid JSON body passed.' );
     688                }
     689
    685690                $params = json_decode( $body, true );
    686691
    687692                /*