Commit Graph

80 Commits

Author SHA1 Message Date
whyisjake
6c3a387d77 REST API: Allow for multiple Vary: Origin headers in GET responses.
Simple fix, we pass `false` as the second parameter to the header function.

This is something that we added downstream of the 5.2.4 release, but we missed in 5.2/trunk.

Fixes #48309.
Props xknown, whyisjake.

Built from https://develop.svn.wordpress.org/trunk@46544


git-svn-id: http://core.svn.wordpress.org/trunk@46341 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-15 15:47:03 +00:00
whyisjake
89468bfb89 REST API: Ensure that we don't generate warnings from sending extra headers after headers have been sent.
Fixes issues stemming from [46478].


Built from https://develop.svn.wordpress.org/trunk@46483


git-svn-id: http://core.svn.wordpress.org/trunk@46281 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-14 16:25:04 +00:00
whyisjake
b224c251ad REST API: Send a Vary: Origin header on GET requests.
Add this header on all GET requests to prevent cached requests.

Props darthhexx, davidbinda, nickdaugherty, whyisjake.

Built from https://develop.svn.wordpress.org/trunk@46478


git-svn-id: http://core.svn.wordpress.org/trunk@46276 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-14 15:43:04 +00:00
K. Adam White
1a8aba96e7 REST API: Fix error in _fields filtering logic where only one of several requested sibling properties would be included.
Props kadamwhite, TimothyBlynJacobs.
Fixes #48266.

Built from https://develop.svn.wordpress.org/trunk@46456


git-svn-id: http://core.svn.wordpress.org/trunk@46254 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-10 17:18:03 +00:00
K. Adam White
10772e8499 REST API: Introduce WP_Post_Type::get_rest_controller() caching method to prevent unnecessary REST controller construction.
Cache REST controller references on their associated post type object to prevent unnecessary controller re-instantiation, which previously caused "rest_prepare_{$post_type}" and "rest_{$post_type}_query" to run twice per request.

Props TimothyBlynJacobs, patrelentlesstechnologycom.
Fixes #45677.

Built from https://develop.svn.wordpress.org/trunk@46272


git-svn-id: http://core.svn.wordpress.org/trunk@46084 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-23 20:25:57 +00:00
K. Adam White
b15c0d410e REST API: Pass "null" as the post date property to reset post to initial "floating" date value.
Props TimothyBlynJacobs, adamsilverstein, jnylen0, mnelson4.
Fixes #44975.


Built from https://develop.svn.wordpress.org/trunk@46249


git-svn-id: http://core.svn.wordpress.org/trunk@46061 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-23 17:25:57 +00:00
K. Adam White
6da9c88729 REST API: Consistently default URL scheme to "rest", not "json".
The "json" scheme is a holdover from the pre-merge plugin version of the REST API, and was corrected elsewhere in core in [34300]. Only "rest" is officially supported in `set_url_scheme()`.

Props DrewAPicture, rmccue.
Fixes #45169.

Built from https://develop.svn.wordpress.org/trunk@46233


git-svn-id: http://core.svn.wordpress.org/trunk@46045 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-22 19:15:57 +00:00
K. Adam White
66f907b2eb REST API: Support dot.nested hierarchical properties in _fields query parameter.
Enable clients to opt-in to receipt of one or more specific sub-properties within a response, and not other sub-properties.
Skip potentially expensive filtering and processing for post resources which were explicitly not requested.

Props kadamwhite, TimothyBlynJacobs, dlh.
Fixes #42094.

Built from https://develop.svn.wordpress.org/trunk@46184


git-svn-id: http://core.svn.wordpress.org/trunk@45996 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-19 14:05:55 +00:00
Sergey Biryukov
55378bd295 REST API: Use correct parameter name in rest_validate_value_from_schema() error messages.
Props manzoorwanijk.
Fixes #47905.
Built from https://develop.svn.wordpress.org/trunk@46101


git-svn-id: http://core.svn.wordpress.org/trunk@45913 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-13 03:06:55 +00:00
K. Adam White
c148f0aa55 REST API: Accept string path in rest_ensure_request.
Update `rest_ensure_request()` to accept a string path, permitting a string path to be passed to `rest_do_request()` as is indicated (previously inaccurately) in that method's PHPDoc.

Props TimothyBlynJacobs, kadamwhite.
Fixes #40614.

Built from https://develop.svn.wordpress.org/trunk@46099


git-svn-id: http://core.svn.wordpress.org/trunk@45911 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-12 21:47:57 +00:00
Sergey Biryukov
e199663322 I18N: Capitalize translator comments consistently, add trailing punctuation.
Includes minor code layout fixes.

See #44360.
Built from https://develop.svn.wordpress.org/trunk@45932


git-svn-id: http://core.svn.wordpress.org/trunk@45743 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-03 00:41:05 +00:00
Sergey Biryukov
16b8d91baa I18N: Improve translator comments.
* Add missing translator comments.
* Fix placement of some translator comments. Translator comments should be on the line directly above the line containing the translation function call for optimal compatibility with various `.pot` file generation tools. The CS auto-fixing, which changed some inconsistent function calls to multi-line function calls, is part of the reason why this was no longer the case for a select group of translator comments.

Includes minor code layout fixes.

Polyglots, rejoice! All WordPress core files now have translator comments for all strings with placeholders!

Props jrf, subrataemfluence, GaryJ, webdados, Dency, swissspidy, alvarogois, marcomartins, mihaiiceyro, vladwtz, niq1982, flipkeijzer, michielatyoast, chandrapatel, thrijith, joshuanoyce, FesoVik, tessak22, bhaktirajdev, cleancoded, dhavalkasvala, garrett-eclipse, bibliofille, socalchristina, priyankkpatel, 5hel2l2y, adamsilverstein, JeffPaul, pierlo, SergeyBiryukov.
Fixes #44360.
Built from https://develop.svn.wordpress.org/trunk@45926


git-svn-id: http://core.svn.wordpress.org/trunk@45737 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-01 17:13:59 +00:00
K. Adam White
dbfa0c7ed4 REST API: Clarify arguments passed to rest route get & update callbacks.
Update doc block argument definitions to clarify that the REST API always passes an array to the `get_callback` and always passes an entity object to the `update_callback`.

Props TimothyBlynJacobs, salzano.
Fixes #44432.


Built from https://develop.svn.wordpress.org/trunk@45810


git-svn-id: http://core.svn.wordpress.org/trunk@45621 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-15 20:04:55 +00:00
K. Adam White
5b318f1dda REST API: Support 'object' and 'array' types in register_meta() schemas.
Extends meta registration to support complex schema values, mirroring the functionality in the settings controller.
Error when trying to modify a meta key containing schema-nonconformant data.

Props @TimothyBlynJacobs, @birgire, @mnelson4, @flixos90.
Fixes #43392.


Built from https://develop.svn.wordpress.org/trunk@45807


git-svn-id: http://core.svn.wordpress.org/trunk@45618 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-15 17:17:55 +00:00
Sergey Biryukov
2aa8ce5bc5 REST API: In get_rest_url(), check if $_SERVER['SERVER_NAME'] is set to avoid a PHP warning in CLI context.
Props paulschreiber.
Fixes #47854.
Built from https://develop.svn.wordpress.org/trunk@45771


git-svn-id: http://core.svn.wordpress.org/trunk@45582 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-08 20:20:55 +00:00
Sergey Biryukov
ea606165a5 Docs: Add missing description for $wp global.
See #45604, #47110.
Built from https://develop.svn.wordpress.org/trunk@45736


git-svn-id: http://core.svn.wordpress.org/trunk@45547 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-04 01:28:55 +00:00
Sergey Biryukov
b1e34ccc1f Docs: Add missing description for $wp_rewrite global.
See #45604, #47110.
Built from https://develop.svn.wordpress.org/trunk@45735


git-svn-id: http://core.svn.wordpress.org/trunk@45546 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-04 01:19:56 +00:00
Sergey Biryukov
e85a5c64a3 REST API: Allow rest_get_avatar_urls() to accept full user, post, or comment objects, rather than just an email address, to provide better flexibility for alternative avatar data.
Since the function uses `get_avatar_url()` internally, which already supports it, this should not have any backward compatibility concerns.

Props donmhico, dshanske, pputzer, joehoyle, TimothyBlynJacobs.
Fixes #40030.
Built from https://develop.svn.wordpress.org/trunk@45632


git-svn-id: http://core.svn.wordpress.org/trunk@45443 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-14 14:35:56 +00:00
Sergey Biryukov
e23ce44744 REST API: Call WP_REST_Server::get_compact_response_links() and ::get_raw_data() static methods the right way.
Props andizer, TimothyBlynJacobs.
Fixes #47578.
Built from https://develop.svn.wordpress.org/trunk@45566


git-svn-id: http://core.svn.wordpress.org/trunk@45377 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-06-26 18:07:54 +00:00
Sergey Biryukov
c77e771c84 Date/Time: Replace all instances of date() with gmdate().
Use of `date()` in core depends on PHP timezone set to UTC and not changed by third party code (which cannot be guaranteed).

`gmdate()` is functionally equivalent, but is not affected by PHP timezone setting: it's always UTC, which is the exact behavior the core needs.

Props nielsdeblaauw, Rarst.
Fixes #46438. See #44491.
Built from https://develop.svn.wordpress.org/trunk@45424


git-svn-id: http://core.svn.wordpress.org/trunk@45235 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-05-26 00:12:54 +00:00
K. Adam White
391d481fe1 REST API: Ensure "Allow" header is returned for OPTIONS requests.
This changeset ensures `$request->set_url_params()` is called while fulfilling OPTIONS requests, where previously it was skipped because OPTIONS requests short-circuit the logic in `dispatch` which handles this setup for other request methods. Omitting the URL parameters prevented the Allow header from being set.

Props killua99, noisysocks.
Fixes #45753.

Built from https://develop.svn.wordpress.org/trunk@44933


git-svn-id: http://core.svn.wordpress.org/trunk@44764 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-03-19 03:22:51 +00:00
Dominik Schilling
fe73f310d4 REST API: Prevent translating the hook name in a _doing_it_wrong() message by using a placeholder.
See #45265.
Built from https://develop.svn.wordpress.org/trunk@44698


git-svn-id: http://core.svn.wordpress.org/trunk@44529 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-26 12:29:54 +00:00
desrosj
2785313bf2 REST API: Encourage proper usage of register_rest_route().
Calling `register_rest_route()` too early in the loading process has the potential to cause some unintentional problems and pitfalls. Because `register_rest_route()` calls `rest_get_server()` (which creates the `WP_REST_Server` instance), calling the function directly and/or before `rest_api_init` should be discouraged.

For example, if `register_rest_route ()` is called on `init`, the REST API server instance is set up (and all functions added to `rest_api_init` and other related hooks are invoked), even though the current request may not be a REST request. Also, if `register_rest_route()` is called even earlier (say, in an `mu-plugin` file), required endpoints may be missing since normal plugins have not yet been loaded and have not had a chance to register their own action hooks.

This adds a `_doing_it_wrong()` notice the first time `register_rest_route()` is called before `rest_api_init` in a request to encourage best practices for registering REST API routes.

Props kraftbj, desrosj, timothyblynjacobs.
Fixes #45265.
Built from https://develop.svn.wordpress.org/trunk@44568


git-svn-id: http://core.svn.wordpress.org/trunk@44399 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-11 18:19:49 +00:00
Felix Arntz
a71d208785 General: Fix problematic string to array parsing.
WordPress has historically often used code like `preg_split( '/[\s,]+/', $var )` to parse a string of comma-separated values into an array. However, this approach was causing an empty string to not be parsed into an empty array as expected, but rather into an array with the empty string as its sole element.

This was among other areas causing problems in the REST API where passing an empty request parameter could cause that request to fail because, instead of it being ignored, that parameter would be compared against the valid values for it, which typically do not include an empty string.

Props david.binda, sstoqnov.
Fixes #43977.

Built from https://develop.svn.wordpress.org/trunk@44546


git-svn-id: http://core.svn.wordpress.org/trunk@44377 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-01-10 21:06:49 +00:00
Gary Pendergast
d2782aabc5 REST API: Improve performance by avoiding call_user_func().
The `get_compact_response_links()` method was introduced in WP 4.5, and this conditional is no longer necessary.

Merges [43834] from the 5.0 branch to trunk.

Props schlessera, timothyblynjacobs.
Fixes #45189.

Built from https://develop.svn.wordpress.org/trunk@44173


git-svn-id: http://core.svn.wordpress.org/trunk@44003 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-14 06:04:55 +00:00
Gary Pendergast
d8863244cb Block Editor: Preload wp/v2/media with OPTIONS for caps check.
Also introduces a `block_editor_preload_paths` filter for plugins and themes to preload additional data.

Merges [43833] from the 5.0 branch to trunk.

Props imath, mattheu, danielbachhuber.
Fixes #45194.


Built from https://develop.svn.wordpress.org/trunk@44172


git-svn-id: http://core.svn.wordpress.org/trunk@44002 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-14 06:02:52 +00:00
Jeremy Felt
c3e927d2c8 REST API: Add endpoints for blocks.
`WP_REST_Block_Renderer_Controller` allows rendering of server-side rendered blocks, whilst `WP_REST_Blocks_Controller` allows retrieving of reusable blocks.

Merges [43805] and [43806] from the 5.0 branch to trunk.

Props desrosj, danielbachhuber, pento, Presskopp, swissspidy.
See #45065, #45098.

Built from https://develop.svn.wordpress.org/trunk@44150


git-svn-id: http://core.svn.wordpress.org/trunk@43980 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-14 02:35:38 +00:00
desrosj
d4d16ec083 REST API: Introduce Autosaves controller and endpoint.
- Adds `WP_REST_Autosaves_Controller` which extends `WP_REST_Revisions_Controller`.
- Autosaves endpoint is registered for all post types except attachment because even post types without revisions enabled are expected to autosave.
- Because setting the `DOING_AUTOSAVE` constant pollutes the test suite, autosaves tests are run last. We may want to improve upon this later. 

Also, use a truly impossibly high number in User Controller tests. The number `100`, (or `7777` in `trunk`), could be valid in certain test run configurations. The `REST_TESTS_IMPOSSIBLY_HIGH_NUMBER` constant is impossibly high for this very reason.

Finally, Skip Autosaves controller test for multisite. There's a PHP 5.2 edge case where paths calculated differently, possibly caused by differing version of PHPUnit.

Props adamsilverstein, aduth, azaozz, danielbachhuber, rmccue, danielbachhuber.

Merges [43767], [43768], [43769] to trunk.

See #45132, #45131.
Fixes #45128, #43316.
Built from https://develop.svn.wordpress.org/trunk@44126


git-svn-id: http://core.svn.wordpress.org/trunk@43956 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-13 22:42:38 +00:00
desrosj
d16e6740d5 REST API: Introduce the rest_preload_api_request() function.
This function helps perform multiple REST API requests, for the purpose of preloading data into a page.

Props pento.

Merges [43763] to trunk.

See #45110.
Built from https://develop.svn.wordpress.org/trunk@44123


git-svn-id: http://core.svn.wordpress.org/trunk@43953 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-13 22:25:49 +00:00
Gary Pendergast
6cbb6f9bd2 REST API: Introduce controller for searching across post types.
Introduces a `WP_REST_Search_Controller` class which registers a `/wp/v2/search` endpoint. Search types are handled by extending `WP_REST_Search_Handler`. The default search type is `WP_REST_Post_Search_Handler` but can be filtered by plugins or a theme.

Merges [43739,43741] from the 5.0 branch to trunk.

Props danielbachhuber, flixos90, pento, rmccue, joehoyle.
Fixes #39965.


Built from https://develop.svn.wordpress.org/trunk@44107


git-svn-id: http://core.svn.wordpress.org/trunk@43937 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-13 09:38:25 +00:00
Jeremy Felt
c108cbfa52 REST API: Introduce themes endpoint to expose theme-supports values for the active theme.
In order to correctly render parts of its UI, the new editor needs to be aware of the active theme's post-formats and post-thumbnails support. This data is exposed by querying for the active theme on a new /wp/v2/themes endpoint for sufficiently privileged users.

Merges [43734], [43735] to trunk.

props desrosj.
Fixes #45016.

Built from https://develop.svn.wordpress.org/trunk@43985


git-svn-id: http://core.svn.wordpress.org/trunk@43817 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-12 03:33:24 +00:00
desrosj
a36830c4cb REST API: Enable users with read_private_posts to query for them.
An authorized request with the read_private_posts capability for a post type should be able to GET /wp/v2/posts for posts of status=private. This query is further sanity-checked by WP_REST_Posts_Controller->check_read_permission(), which is unchanged.

Props rachelbaker, soulseekah, twoelevenjay.

Moves [43694] from the 5.0 branch to trunk.

Fixes #43701.
Built from https://develop.svn.wordpress.org/trunk@43979


git-svn-id: http://core.svn.wordpress.org/trunk@43811 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-12-11 22:30:24 +00:00
Gary Pendergast
aaf99e6913 Code is Poetry.
WordPress' code just... wasn't.
This is now dealt with.

Props jrf, pento, netweb, GaryJ, jdgrimes, westonruter, Greg Sherwood from PHPCS, and everyone who's ever contributed to WPCS and PHPCS.
Fixes #41057.


Built from https://develop.svn.wordpress.org/trunk@42343


git-svn-id: http://core.svn.wordpress.org/trunk@42172 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-30 23:11:00 +00:00
Ryan McCue
9b68e59534 REST API: Ensure rest_url() consistently has leading slash.
`rest_url()` inconsistent addes slashes to the passed path depending on whether the site has pretty permalinks enabled. Apart from being inconsistent, this also caused the unit tests to fail when pretty permalinks are enabled.

Props frank-klein.
Fixes #42452. See #41451.

Built from https://develop.svn.wordpress.org/trunk@42250


git-svn-id: http://core.svn.wordpress.org/trunk@42079 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-28 07:10:46 +00:00
Joe Hoyle
bebb0b0d82 REST API: Don’t remove unregistered properties from objects in schema.
In r41727 the ability to sanitise and validate objects from JSON schema was added, with a whitelist approach. It was decided we should pass through all non-registered properties to reflect the behaviour of the root object in register_rest_route. To prevent arbitrary extra data via setting objects, we force additionalProperties to false in the settings endpoint.

See #38583.
Built from https://develop.svn.wordpress.org/trunk@42000


git-svn-id: http://core.svn.wordpress.org/trunk@41834 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-24 21:05:49 +00:00
K. Adam White
37ec288f71 REST API: Add _fields parameter to selectively include fields in response JSON.
Allows REST API consumers to specify the specific fields needed in their application code, whitelisting those fields and omitting all others from the returned JSON response object.
This permits applications that only need for example the ID and title of posts to avoid having to transfer the entire rendered post content over the wire alongside the desired fields.
While this whitelisting has no affect on the queries run when preparing the response, it can yield significant reductions in the bandwidth required to transfer a response payload for simple applications.

Props adamsilverstein, TimothyBlynJacobs, svrooij.
Fixes #38131.


Built from https://develop.svn.wordpress.org/trunk@41744


git-svn-id: http://core.svn.wordpress.org/trunk@41578 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-04 18:46:38 +00:00
Joe Hoyle
f276b4901b REST API: Support for objects in schema validation and sanitization.
When registering routes developers can now define their complex objects in the schema and benefit from the automatic validation and sanitization in the REST API. This also paves the way for support for complex object registration via register_meta and register_setting.

See #38583.
Props TimothyBlynJacobs5.
Built from https://develop.svn.wordpress.org/trunk@41727


git-svn-id: http://core.svn.wordpress.org/trunk@41561 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-10-04 08:27:47 +00:00
James Nylen
fce0b2dcd9 REST API: Always call rest_get_server() instead of accessing the $wp_rest_server global.
This is a consistency improvement and also a bug fix for fairly obscure cases involving modified WP load order.

Fixes #41555.

Built from https://develop.svn.wordpress.org/trunk@41238


git-svn-id: http://core.svn.wordpress.org/trunk@41078 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-10 01:38:43 +00:00
Gary Pendergast
7819daefd2 REST API: Always add index.php to the REST URL when pretty permalinks are disabled.
When pretty permalinks are disabled, the web server will internally forward requests to `index.php`. Unfortunately, nginx only forwards HTTP/1.0 methods: `PUT`, `PATCH`, and `DELETE` methods will return a 405 error.

To work around this nginx behaviour, including `index.php` in the REST URL skips the internal redirect.

Fixes #40886.


Built from https://develop.svn.wordpress.org/trunk@41139


git-svn-id: http://core.svn.wordpress.org/trunk@40979 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-25 00:50:43 +00:00
John Blackbourn
f750a800d0 REST API: In the admin area, ensure the REST API endpoint URL is forced to https when necessary.
In this situation, a site which uses `http` on the front end but `https` in the admin area is more likely to have a working REST API endpoint URL when used in the admin area.

Props mohanjith, westonruter, jnylen0

Fixes #36451

Built from https://develop.svn.wordpress.org/trunk@40843


git-svn-id: http://core.svn.wordpress.org/trunk@40694 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-25 18:02:41 +00:00
James Nylen
21b1135b1c REST API: Do not set X-WP-Deprecated* headers as often.
Only set these headers if (1) `WP_DEBUG` is enabled and (2) headers have not already been sent.

Previously, this code could generate warnings by trying to set a header after response data has already been sent.  This happens when code attached to the `shutdown` filter calls a deprecated function, for example.

Also, these headers are unlikely to be useful in the majority of cases; let's only send them if `WP_DEBUG` is enabled.

Props kraftbj, jnylen0, ocean90, rmccue.
Fixes #40787.

Built from https://develop.svn.wordpress.org/trunk@40782


git-svn-id: http://core.svn.wordpress.org/trunk@40640 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-18 17:49:42 +00:00
Rachel Baker
195b227357 Formatting: Increase minimum characters allowed in is_email() to 6.
Brings the minimum characters expected for a valid email address to six, which matches the expectations in `wp_handle_comment_submission()` and REST API email arguments.

Props rmccue, lukecavanagh, rachelbaker, desrosj, sudar.
Fixes #38708.

Built from https://develop.svn.wordpress.org/trunk@40667


git-svn-id: http://core.svn.wordpress.org/trunk@40530 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-14 04:20:43 +00:00
Ryan McCue
027e8d9218 REST API: Allow "Origin: null" from file: URLs.
Browsers send an "Origin: null" header value for file and data URLs, as they can be generated by any document, and their origin is not guaranteed. Since we want to allow any URL to access the API (intentionally disabling the CORS protections), we need to special-case the non-URL "null" value.

Props joehoyle.
Fixes #40011.

Built from https://develop.svn.wordpress.org/trunk@40600


git-svn-id: http://core.svn.wordpress.org/trunk@40470 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-10 04:22:43 +00:00
James Nylen
b6ce4e2830 REST API: Fix multiple issues with setting dates of posts and comments.
This commit modifies the `rest_get_date_with_gmt` function to correctly parse local and UTC timestamps with or without timezone information.

It also ensures that the REST API can edit the dates of draft posts by setting the `edit_date` flag to `wp_update_post`.

Overall this commit ensures that post and comment dates can be set and updated as expected.

Fixes #39256.

Built from https://develop.svn.wordpress.org/trunk@40101


git-svn-id: http://core.svn.wordpress.org/trunk@40038 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-02-21 18:18:45 +00:00
Sergey Biryukov
234f2040a8 Docs: Use third-person singular verb for rest_avatar_sizes filter description.
See #39130.
Built from https://develop.svn.wordpress.org/trunk@40047


git-svn-id: http://core.svn.wordpress.org/trunk@39984 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-02-06 02:58:40 +00:00
Joe Hoyle
e357195ce3 REST API: Unify object access handling for simplicity.
Rather than repeating ourselves, unifying the access into a single method keeps everything tidy. While we're at it, add in additional schema handling for common parameters.

See #38792.
Built from https://develop.svn.wordpress.org/trunk@39954


git-svn-id: http://core.svn.wordpress.org/trunk@39891 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-26 13:39:41 +00:00
Ryan McCue
1326d9e2c7 REST API: Correctly serve the index with PATH_INFO
When hitting the index, untrailingslashit() would make the REST route empty, which would then use the fallback inside WP_REST_Server. This isn't a problem most of the time, but WP_REST_Server contains a fallback to PATH_INFO. Combined with PATH_INFO permalinks, this would give a 404 on the API index, as it attempts to look up a route for "/wp-json/".

Props ccprog.
Fixes #39432.

Built from https://develop.svn.wordpress.org/trunk@39923


git-svn-id: http://core.svn.wordpress.org/trunk@39860 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-17 05:40:40 +00:00
Sergey Biryukov
b3c28838f7 REST API: Improve error messages for number relational validation.
Props jblz.
Fixes #39054.
Built from https://develop.svn.wordpress.org/trunk@39896


git-svn-id: http://core.svn.wordpress.org/trunk@39833 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-01-13 04:38:40 +00:00
John Blackbourn
d327c92e4b Docs: Add and correct @since docs for a variety of functions and methods.
Props keesiemeijer, chris_dev
Fixes #39343, #39357, #39344
See #39130

Built from https://develop.svn.wordpress.org/trunk@39638


git-svn-id: http://core.svn.wordpress.org/trunk@39578 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-27 09:21:44 +00:00
Rachel Baker
606c9905ef REST API: Fix incorrect uses of rest_sanitize_value_from_schema().
In the `check_username()` and `check_password()` callbacks in the Users controller cast the provided request value to a string. The `rest_sanitize_value_from_schema()` function was being used incorrectly which was causing unintended request parsing. 
In `rest_sanitize_request_arg()` do not pass nonexistent third parameter for the `rest_sanitize_value_from_schema()` function.

Props jnylen0, joehoyle, rachelbaker, ocean90.
Fixes #38984.
Built from https://develop.svn.wordpress.org/trunk@39400


git-svn-id: http://core.svn.wordpress.org/trunk@39340 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-12-01 02:12:41 +00:00