WordPress.org

Make WordPress Core

Opened 3 years ago

Closed 3 years ago

#38465 closed defect (bug) (fixed)

`hide_empty` is not sanitized correctly in terms controller

Reported by: websupporter Owned by: rachelbaker
Milestone: 4.7 Priority: normal
Severity: normal Version: 4.7
Component: REST API Keywords: has-unit-tests has-patch
Focuses: Cc:

Description

The terms controller currently does not sanitize the boolean hide_empty. So, if you do categories/hide_empty=false, you will hide them, because the (bool) "false" is true.

Attachments (1)

38465.diff (1.4 KB) - added by websupporter 3 years ago.
Add sanitization and unit test

Download all attachments as: .zip

Change History (4)

@websupporter
3 years ago

Add sanitization and unit test

#1 @websupporter
3 years ago

  • Keywords has-unit-tests has-patch added

#2 @johnbillion
3 years ago

  • Milestone changed from Awaiting Review to 4.7

#3 @rachelbaker
3 years ago

  • Owner set to rachelbaker
  • Resolution set to fixed
  • Status changed from new to closed

In 38942:

REST API: Add missing sanitization callback for the hide_empty parameter of the Terms Controller.

Fixes a bug where the boolean parameter hide_empty was not being properly sanitized in the Terms controller.

Props websupporter.
Fixes #38465.

Note: See TracTickets for help on using tickets.