From facb1728b9731b06336fe4ce43332f6570ecbc05 Mon Sep 17 00:00:00 2001
From: TimothyBlynJacobs <TimothyBlynJacobs@git.wordpress.org>
Date: Sun, 3 May 2020 22:42:06 +0000
Subject: [PATCH] REST API: Validate that the oembed url parameter is a string.

This prevents a PHP warning from being issued by esc_url_raw when a non-string value is provided.

Props dd32.
Fixes #49991.

Built from https://develop.svn.wordpress.org/trunk@47755


git-svn-id: http://core.svn.wordpress.org/trunk@47531 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-includes/class-wp-oembed-controller.php | 14 ++++++++------
 wp-includes/version.php                    |  2 +-
 2 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/wp-includes/class-wp-oembed-controller.php b/wp-includes/class-wp-oembed-controller.php
index 74b400078d..290d60a66d 100644
--- a/wp-includes/class-wp-oembed-controller.php
+++ b/wp-includes/class-wp-oembed-controller.php
@@ -40,8 +40,10 @@ final class WP_oEmbed_Controller {
 					'callback' => array( $this, 'get_item' ),
 					'args'     => array(
 						'url'      => array(
-							'required'          => true,
-							'sanitize_callback' => 'esc_url_raw',
+							'description' => __( 'The URL of the resource for which to fetch oEmbed data.' ),
+							'required'    => true,
+							'type'        => 'string',
+							'format'      => 'uri',
 						),
 						'format'   => array(
 							'default'           => 'json',
@@ -66,10 +68,10 @@ final class WP_oEmbed_Controller {
 					'permission_callback' => array( $this, 'get_proxy_item_permissions_check' ),
 					'args'                => array(
 						'url'       => array(
-							'description'       => __( 'The URL of the resource for which to fetch oEmbed data.' ),
-							'type'              => 'string',
-							'required'          => true,
-							'sanitize_callback' => 'esc_url_raw',
+							'description' => __( 'The URL of the resource for which to fetch oEmbed data.' ),
+							'required'    => true,
+							'type'        => 'string',
+							'format'      => 'uri',
 						),
 						'format'    => array(
 							'description' => __( 'The oEmbed format to use.' ),
diff --git a/wp-includes/version.php b/wp-includes/version.php
index 7f72ce0653..85abb2d145 100644
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@@ -13,7 +13,7 @@
  *
  * @global string $wp_version
  */
-$wp_version = '5.5-alpha-47754';
+$wp_version = '5.5-alpha-47755';
 
 /**
  * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.