[wp-trac] [WordPress Trac] #62932: Fatal error in rest api with invalid inputs
WordPress Trac
noreply at wordpress.org
Mon Feb 10 03:05:36 UTC 2025
#62932: Fatal error in rest api with invalid inputs
----------------------------+-----------------------
Reporter: dd32 | Owner: (none)
Type: defect (bug) | Status: new
Priority: low | Milestone: 6.8
Component: REST API | Version:
Severity: trivial | Resolution:
Keywords: php8 has-patch | Focuses: rest-api
----------------------------+-----------------------
Changes (by peterwilsoncc):
* milestone: Awaiting Review => 6.8
Comment:
Moving this on to 6.8 for consideration as it's a pretty easy fix.
An alternative to the approach above would be to catch the error and die
{{{#!diff
--- a/src/wp-includes/rest-api.php
+++ b/src/wp-includes/rest-api.php
@@ -441,6 +441,15 @@ function rest_api_loaded() {
// Initialize the server.
$server = rest_get_server();
+ if ( ! is_string( $GLOBALS['wp']->query_vars['rest_route'] ) ) {
+ $rest_type_error = new WP_Error(
+ 'rest_path_invalid_type',
+ __( 'The rest route parameter must be a string.'
),
+ array( 'status' => 400 )
+ );
+ wp_die( $rest_type_error );
+ }
+
// Fire off the request.
$route = untrailingslashit(
$GLOBALS['wp']->query_vars['rest_route'] );
if ( empty( $route ) ) {
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/62932#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list