Make WordPress Core

Opened 9 months ago

Last modified 3 months ago

#49960 new enhancement

REST API: Support sanitize callbacks for nested properties

Reported by: ocean90 Owned by:
Milestone: Awaiting Review Priority: normal
Severity: normal Version:
Component: REST API Keywords: needs-patch needs-unit-tests reporter-feedback
Focuses: Cc:


Example schema:

'foobar' => [
	'required'    => true,
	'type'        => 'object',
	'properties'  => [
		'foo' => [
			'required'          => true,
			'type'              => 'string',
			'sanitize_callback' => 'sanitize_text_field',
		'bar'    => [
			'required'          => true,
			'type'              => 'string',
			'sanitize_callback' => [ static::class, 'sanitize_bar' ],

Unfortunately, the required and sanitize_callback values are currently not used for properties. required is now handled in #48818. With support for sanitize_callback we'd have another way to enforce a specific format without much hassle.


Change History (2)

#1 @TimothyBlynJacobs
9 months ago

This would definitely be helpful. I'm not sure what the best way to go about it is.

We have rest_validate_request_from_schema, but that doesn't have any knowledge of the idea of sanitize_callback or validate_callback and I'd be hesitant to add that to what is a generic JSON schema validator/sanitizer.

Perhaps it could live in rest_validate_request_arg? Though for similar reasons as mentioned in #48818, it'd be much simpler to add it to rest_validate_value_from_schema since it handles schema traversing. Maybe we need a general purpose schema traversing function?

#2 @TimothyBlynJacobs
3 months ago

  • Keywords reporter-feedback added

@ocean90 Could you share some examples of what kind of validation you would want to do in these instances?

I've been thinking that this might be better served by an API to register a JSON Schema format.

Note: See TracTickets for help on using tickets.