Changeset 39109

Timestamp:

11/03/2016 04:04:41 AM (8 years ago)

Author:

joehoyle

Message:

REST API: Return error when JSON decoding fails.

If you send a request to the REST API with invalid JSON in body than it will now return a error. This assists developers if they accidentally send invalid JSON and wonder why their data appears to be ignored.

Props rmccue.
Fixes #38547.

Location:

trunk

Files:

• src/wp-includes/rest-api/class-wp-rest-request.php (modified) (4 diffs)
• tests/phpunit/tests/rest-api/rest-request.php (modified) (1 diff)

trunk/src/wp-includes/rest-api/class-wp-rest-request.php

@@ -652 +652 @@
      *
      * @since 4.4.0
+     * @since 4.7.0 Returns error instance if value cannot be decoded.
      * @access protected
+     * @return true|WP_Error True if the JSON data was passed or no JSON data was provided, WP_Error if invalid JSON was passed.
      */
     protected function parse_json_params() {
         if ( $this->parsed_json ) {
-            return;
+            return true;
         }
 
@@ -665 +667 @@
 
         if ( empty( $content_type ) || 'application/json' !== $content_type['value'] ) {
-            return;
+            return true;
         }
 
@@ -677 +679 @@
          */
         if ( null === $params && ( ! function_exists( 'json_last_error' ) || JSON_ERROR_NONE !== json_last_error() ) ) {
-            return;
+            // Ensure subsequent calls receive error instance.
+            $this->parsed_json = false;
+
+            $error_data = array(
+                'status' => WP_Http::BAD_REQUEST,
+                'json_error_code' => json_last_error(),
+                'json_error_message' => json_last_error_msg(),
+            );
+            return new WP_Error( 'rest_invalid_json', __( 'Invalid JSON body passed.' ), $error_data );
         }
 
         $this->params['JSON'] = $params;
+        return true;
     }
 
@@ -842 +853 @@
      */
     public function has_valid_params() {
+        // If JSON data was passed, check for errors.
+        $json_error = $this->parse_json_params();
+        if ( is_wp_error( $json_error ) ) {
+            return $json_error;
+        }
+
         $attributes = $this->get_attributes();
         $required = array();

trunk/tests/phpunit/tests/rest-api/rest-request.php

@@ -398 +398 @@
         $this->assertWPError( $valid );
         $this->assertEquals( 'rest_invalid_param', $valid->get_error_code() );
+    }
+
+    public function test_has_valid_params_json_error() {
+        if ( version_compare( PHP_VERSION, '5.3', '<' ) ) {
+            return $this->markTestSkipped( 'JSON validation is only available for PHP 5.3+' );
+        }
+
+        $this->request->set_header( 'Content-Type', 'application/json' );
+        $this->request->set_body( '{"invalid": JSON}' );
+
+        $valid = $this->request->has_valid_params();
+        $this->assertWPError( $valid );
+        $this->assertEquals( 'rest_invalid_json', $valid->get_error_code() );
+        $data = $valid->get_error_data();
+        $this->assertEquals( JSON_ERROR_SYNTAX, $data['json_error_code'] );
     }