[wp-trac] [WordPress Trac] #34725: Require registered endpoints arguments to have a validate or sanitize callback
    WordPress Trac 
    noreply at wordpress.org
       
    Wed Nov 18 19:00:17 UTC 2015
    
    
  
#34725: Require registered endpoints arguments to have a validate or sanitize
callback
-----------------------------+------------------
 Reporter:  danielbachhuber  |       Owner:
     Type:  defect (bug)     |      Status:  new
 Priority:  normal           |   Milestone:  4.4
Component:  REST API         |     Version:
 Severity:  normal           |  Resolution:
 Keywords:  needs-patch      |     Focuses:
-----------------------------+------------------
Comment (by danielbachhuber):
 From the Slack conversation, some of the options present to us:
 * Default to `sanitize_text_field()` when no validation or sanitization
 callback is specified, but this can't guarantee security.
 * Silently discard the argument if validation or sanitization hasn’t been
 specified.
 * Error any misspelled callbacks, but don't require one.
 `register_setting()` has these callbacks as optional.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/34725#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
    
    
More information about the wp-trac
mailing list