Make WordPress Core

Opened 3 years ago

Closed 3 years ago

Last modified 3 years ago

#49903 closed defect (bug) (duplicate)

Can't post comment with content "0" (string with zero)

Reported by: cawa-93's profile Cawa-93 Owned by:
Milestone: Priority: normal
Severity: major Version: 5.4
Component: REST API Keywords: needs-patch
Focuses: rest-api Cc:


If you try to post a comment with content "0" (string with zero), the server will respond in error as if the content was missing.

Request code. Some headings are omitted as they are not important. Authorization uses plugin "JWT Authentication for WP-API".

fetch("", {
  "headers": {
    "authorization": "Bearer ...",
    "content-type": "application/json"
  "method": "POST",

  "body": `{




  "message":"Invalid comment content.",

Change History (9)

This ticket was mentioned in PR #221 on WordPress/wordpress-develop by cawa-93.

3 years ago

Hi there! Thanks for contributing to WordPress!

Pull Requests in this GitHub repository must be linked to a ticket in the WordPress Core Trac instance (, and are only used for code review. No pull requests will be merged on GitHub.

See the WordPress Handbook page on using PRs for Code Review more information:

If this is your first time contributing, you may also find reviewing these guides first to be helpful:


Trac ticket:

aduth commented on PR #221:

3 years ago

empty may have been anticipating one or both of _not set_ and _empty string_. Personally, I think rather than handling the exceptions, it could be framed as more targeted to the specific anticipated problem values.


if ( ! isset( $prepared_commentcomment_content? )
$prepared_commentcomment_content? === ) {


Or, if comment_count is always set, and doesn't need to be checked:

if ( $prepared_commentcomment_content? === ) {

#3 @TimothyBlynJacobs
3 years ago

  • Milestone changed from Awaiting Review to Future Release

Thanks for the ticket @Cawa-93!

It looks like wp_handle_comment_submission strictly rejects an empty string which would allow a comment of 0.

Originally, the REST API comments controller did the same check, but in #38720 this was loosened to an empty check. Looking at the ticket, I'm not entirely sure why that part of the change was necessary.

TimothyBJacobs commented on PR #221:

3 years ago

Yeah, I think it would be better to do an isset check and looking for an empty string exactly. That matches wp_handle_comment_submission.

cawa-93 commented on PR #221:

3 years ago

@TimothyBJacobs I agree with you. I didn't think about matching the behavior in the wp_handle_comment_submission. Then, perhaps, should the same hook be added to allow empty comments?

$allow_empty_comment = apply_filters( 'rest_allow_empty_comment', false, $prepared_comment );

$missing_content = ! isset( $prepared_commentcomment_content? )
=== $prepared_commentcomment_content?

if ( $missing_content && ! $allow_empty_comment ) {

return new WP_Error(

( 'Invalid comment content.' ),
array( 'status' => 400 )



TimothyBJacobs commented on PR #221:

3 years ago

Yeah I think it'd be great to make sure we realign ourselves with wp_handle_comment_submission.

#8 @TimothyBlynJacobs
3 years ago

  • Milestone Future Release deleted
  • Resolution set to duplicate
  • Status changed from new to closed

This isn't an exact duplicate of #43177, but they'll both be the same fix. So closing as duplicate.

TimothyBJacobs commented on PR #221:

3 years ago

Fixed in 1e030c4062f87b3881012d977a9adc3ade9c63b9.

Note: See TracTickets for help on using tickets.