Commit Graph

74 Commits

Author SHA1 Message Date
TimothyBlynJacobs
df2b9b1689 REST API: Add Content-Disposition, Content-MD5 and X-WP-Nonce as allowed cors headers.
The Content-Disposition and Content-MD5 headers allow for easier file uploading across domains by using a File/Blob object directly. The X-WP-Nonce header is allowed for making cross-origin and same-origin authenticated requests consistent.

Additionally a filter is introduced, "rest_allowed_cors_headers", to simplify the process of allowing additional request headers.

Props rmccue, TimothyBlynJacobs.
Fixes #41696.

Built from https://develop.svn.wordpress.org/trunk@48452


git-svn-id: http://core.svn.wordpress.org/trunk@48221 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-07-12 19:37:12 +00:00
Sergey Biryukov
c892c420b7 Docs: Miscellaneous DocBlock corrections.
See #49572.
Built from https://develop.svn.wordpress.org/trunk@48198


git-svn-id: http://core.svn.wordpress.org/trunk@47967 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-28 11:53:04 +00:00
desrosj
4b60af1a6a General: Remove “whitelist” and “blacklist” in favor of more clear and inclusive language.
“The WordPress open source community cares about diversity. We strive to maintain a welcoming environment where everyone can feel included.”

With this commit, all occurrences of “whitelist” and “blacklist” (with the single exception of the `$new_whitelist_options` global variable) are removed. A new ticket has been opened to explore renaming the `$new_whitelist_options` variable (#50434).

Changing to more specific names or rewording sentences containing these terms not only makes the code more inclusive, but also helps provide clarity. These terms are often ambiguous. What is being blocked or allowed is not always immediately clear. This can make it more difficult for non-native English speakers to read through the codebase.

Words matter. If one contributor feels more welcome because these terms are removed, this was worth the effort.

Props strangerstudios, jorbin, desrosj, joemcgill, timothyblynjacobs, ocean90, ayeshrajans, davidbaumwald, earnjam.
See #48900, #50434.
Fixes #50413.
Built from https://develop.svn.wordpress.org/trunk@48121


git-svn-id: http://core.svn.wordpress.org/trunk@47890 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-22 17:26:13 +00:00
TimothyBlynJacobs
88f54b22ba REST API: Add "Link" to the list of exposed cors headers.
Currently, only the X-WP-Total and X-WP-TotalPages headers are exposed which means that clients have to manually construct the URL to implement pagination instead of using the "prev" and "next" Links.

Additionally, a filter "rest_exposed_cors_headers" is introduced to make it simpler for plugins to expose additional headers.

Props Toro_Unit, ayeshrajans.
Fixes #50369.

Built from https://develop.svn.wordpress.org/trunk@48112


git-svn-id: http://core.svn.wordpress.org/trunk@47881 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-20 23:56:12 +00:00
desrosj
c591d94cc5 General: Remove or add inline comments to $HTTP_RAW_POST_DATA occurrences.
The `$HTTP_RAW_POST_DATA` global was deprecated in PHP 5.6 and removed completely in PHP 7.0. In general, `php://input` should be used instead of `$HTTP_RAW_POST_DATA`.

Because WordPress Core still supports PHP 5.6, some plugins or sites may still rely on this variable being present and populated with the expected data. For that reason, occurrences of the variable will remain with updated inline documentation until support for PHP 5.6 is officially dropped in WordPress.

Props skoskie, jrf, desrosj, TimothyBlynJacobs.
See #49922.
Fixes #49810.
Built from https://develop.svn.wordpress.org/trunk@47926


git-svn-id: http://core.svn.wordpress.org/trunk@47700 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-06-08 19:55:10 +00:00
Dominik Schilling
aaeab2f3f5 Rest API: Ensure rest_ensure_response() upgrades WP_HTTP_Response to WP_REST_Response.
An instance of `WP_HTTP_Response` doesn't ensure that the required methods used in `WP_REST_Server::dispatch()` exist, currently causing a fatal error.

Props ali11007, TimothyBlynJacobs, ocean90.
Fixes #49495.
Built from https://develop.svn.wordpress.org/trunk@47849


git-svn-id: http://core.svn.wordpress.org/trunk@47625 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-05-23 14:36:09 +00:00
K. Adam White
480372b07c REST API: Fix namespace shadowing issue in route matching logic.
Following [47260] a namespace such as "test-ns" prevents any namespace such as "test-ns/v1" from being found when matching routes.
While not best practice, this was an unintentional back-compat break; this patch restores the original behavior.

Props david.binda, TimothyBlynJacobs.
Fixes #48530.


Built from https://develop.svn.wordpress.org/trunk@47351


git-svn-id: http://core.svn.wordpress.org/trunk@47138 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-24 18:07:08 +00:00
TimothyBlynJacobs
450d49183b REST API: Fix links format in OPTIONS requests for non-variable routes.
Props nsundberg, johnwatkins0, birgire.
Fixes #49149.

Built from https://develop.svn.wordpress.org/trunk@47326


git-svn-id: http://core.svn.wordpress.org/trunk@47120 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-20 00:55:05 +00:00
K. Adam White
23696bb074 REST API: Match REST API routes on namespace before performing regex checks.
Rule out groups of API endpoints by simple namespace string comparison to reduce the number of regex checks necessary when matching a route.

Props TimothyBlynJacobs.
Fixes #48530.

Built from https://develop.svn.wordpress.org/trunk@47260


git-svn-id: http://core.svn.wordpress.org/trunk@47060 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-11 03:22:05 +00:00
TimothyBlynJacobs
7019add74e REST API: Add support for the REDIRECT_HTTP_AUTHORIZATION header.
Previously the REST API did not account for server configurations where the Authorization header must be added using ModRewrite. This caused major DUX issues when trying to use custom authentication mechanisms.

Fixes #47077.
Props dshanske, cklosows.

Built from https://develop.svn.wordpress.org/trunk@47239


git-svn-id: http://core.svn.wordpress.org/trunk@47039 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-10 16:08:16 +00:00
TimothyBlynJacobs
5ecd61023a REST API: Introduce selective link embedding.
Previously the _embed flag would embed all embeddable links in a response even if only a subset of the links were necessary. Now, a list of link relations can be passed in the _embed parameter to restrict the list of embedded objects.

Props rheinardkorf, adamsilverstein, jnylen0, cklosows, chrisvanpatten, TimothyBlynJacobs.
Fixes #39696.

Built from https://develop.svn.wordpress.org/trunk@47224


git-svn-id: http://core.svn.wordpress.org/trunk@47024 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-02-09 20:54:05 +00:00
K. Adam White
b78819c3fa REST API: Reuse previously-generated embedded objects when building collection response.
Store each generated embedded object in a temporary cache when querying for linked resources so that repeated links to the same resource do not trigger repeated queries or processing.

Props TimothyBlynJacobs.
Fixes #48838.


Built from https://develop.svn.wordpress.org/trunk@47138


git-svn-id: http://core.svn.wordpress.org/trunk@46938 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-30 20:22:07 +00:00
Sergey Biryukov
001ffe81fb Docs: Improve inline comments per the documentation standards.
Includes minor code layout fixes for better readability.

See #48303.
Built from https://develop.svn.wordpress.org/trunk@47122


git-svn-id: http://core.svn.wordpress.org/trunk@46922 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-29 00:45:18 +00:00
Sergey Biryukov
dd4d98a368 Docs: In various @return tags, list the expected type first, instead of false.
Follow-up to [46696].

See #48303.
Built from https://develop.svn.wordpress.org/trunk@47060


git-svn-id: http://core.svn.wordpress.org/trunk@46860 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-11 18:32:05 +00:00
Sergey Biryukov
28639fc8d5 I18N: Replace rest_authentication_errors filter name with a placeholder in a translatable string.
Follow-up to [38947] and [40038].

See #38446.
Built from https://develop.svn.wordpress.org/trunk@47044


git-svn-id: http://core.svn.wordpress.org/trunk@46844 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2020-01-06 16:21:04 +00:00
John Blackbourn
3def77672d Docs: Correct some invalid hook docblocks.
See #48303

Built from https://develop.svn.wordpress.org/trunk@46729


git-svn-id: http://core.svn.wordpress.org/trunk@46529 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-12 22:42:02 +00:00
Sergey Biryukov
3d623995a8 Docs: In various @return tags, list the expected type first, instead of WP_Error.
See #48303.
Built from https://develop.svn.wordpress.org/trunk@46696


git-svn-id: http://core.svn.wordpress.org/trunk@46496 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-11 02:43:03 +00:00
Sergey Biryukov
1f816ad18d Docs: Use the {@see ...} tag for the replacement in @deprecated tags, so that Developer Reference could automatically link to the replacement.
Props jrf.
See #48255.
Built from https://develop.svn.wordpress.org/trunk@46685


git-svn-id: http://core.svn.wordpress.org/trunk@46485 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-09 13:05:02 +00:00
John Blackbourn
f545bb3f63 Docs: Improve documentation of known return types, plus other docs fixes.
See #48303

Built from https://develop.svn.wordpress.org/trunk@46660


git-svn-id: http://core.svn.wordpress.org/trunk@46460 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-11-05 21:23:02 +00:00
K. Adam White
5815551dfe REST API: Permit embedding of the 'self' link relation in the /search endpoint.
Removes a special-case prohibition against embedding 'self' which prevented ?_embed from being used with the /wp/v2/search endpoint.

Props TimothyBlynJacobs, chrisvanpatten, kadamwhite.
Fixes #47684.


Built from https://develop.svn.wordpress.org/trunk@46434


git-svn-id: http://core.svn.wordpress.org/trunk@46232 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-10-08 04:45:02 +00:00
desrosj
3cf6276ed0 Code Modernization: Remove JSON extension workarounds for PHP < 5.6.
The PHP native JSON extension has been bundled and compiled with PHP by default since version 5.2.0. Because the minimum version of PHP required by WordPress is now 5.6.20 (see #46594 and [45058]), JSON extension related polyfills and backwards compatibility code can now be removed.

This change removes code that supported JSON related functionality on older versions of PHP. This includes (but is not limited to) checks that `json_last_error()` exists, checking and setting the `JSON_UNESCAPED_SLASHES` and `JSON_PRETTY_PRINT` constants if not previously defined, and deprecating the `_wp_json_prepare_data()` function (which was 100% workaround code).

Follow up of [46205].

See #47699.
Props jrf, Clorith, pento.
Built from https://develop.svn.wordpress.org/trunk@46206


git-svn-id: http://core.svn.wordpress.org/trunk@46018 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-20 20:08:57 +00:00
K. Adam White
6c931ed61a REST API: Revert [45687].
This change may not be needed and further investigation is required before we accept it into a release.

See #46907.


Built from https://develop.svn.wordpress.org/trunk@46191


git-svn-id: http://core.svn.wordpress.org/trunk@46003 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-19 15:50:59 +00:00
K. Adam White
8dcc10693f REST API: Do not send response body if status is 204 or body is null.
Status code 204 should indicate no response body is sent. Previously, a "null" string was sent, which MacOS Safari would try to parse as JSON and thereby fail to complete the request.

Props TimothyBlynJacobs, andizer, matthias.thiel.
Fixes #43691.


Built from https://develop.svn.wordpress.org/trunk@45809


git-svn-id: http://core.svn.wordpress.org/trunk@45620 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-08-15 19:56:55 +00:00
Dominik Schilling
4d3ca52c45 REST API: Pass current request object to rest_authentication_errors filter in WP_REST_Server::check_authentication().
Fixes #46907.
Built from https://develop.svn.wordpress.org/trunk@45687


git-svn-id: http://core.svn.wordpress.org/trunk@45498 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-27 13:44:57 +00:00
Gary Pendergast
abcbee954f Coding Standards: Fix instances of WordPress.PHP.NoSilencedErrors.Discouraged.
Noteable changes:
- The `magic_quotes_runtime` and `magic_quotes_sybase` settings were removed in PHP 5.4, so no longer need to be set.
- Some functions that use external libraries can generate errors that can't be tested for, so are globally allowed to silence errors.
- Quite a few functions would cause errors if `safe_mode` was set. This setting was removed in PHP 5.4.
- Only a handful of `header()` calls needed corresponding `headers_sent()` checks for unit tests to pass, but more may need to be added as the nightlies builds are tested.

See #46732.

Built from https://develop.svn.wordpress.org/trunk@45611


git-svn-id: http://core.svn.wordpress.org/trunk@45422 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-07-09 05:45:58 +00:00
Sergey Biryukov
e23ce44744 REST API: Call WP_REST_Server::get_compact_response_links() and ::get_raw_data() static methods the right way.
Props andizer, TimothyBlynJacobs.
Fixes #47578.
Built from https://develop.svn.wordpress.org/trunk@45566


git-svn-id: http://core.svn.wordpress.org/trunk@45377 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-06-26 18:07:54 +00:00
John Blackbourn
47d32decd6 Docs: Correct and improve various inline documentation.
See #42505

Built from https://develop.svn.wordpress.org/trunk@43582


git-svn-id: http://core.svn.wordpress.org/trunk@43411 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-08-27 14:28:26 +00:00
Gary Pendergast
56c162fbc9 Coding Standards: Upgrade WPCS to 1.0.0
WPCS 1.0.0 includes a bunch of new auto-fixers, which drops the number of coding standards issues across WordPress significantly. Prior to running the auto-fixers, there were 15,312 issues detected. With this commit, we now drop to 4,769 issues.

This change includes three notable additions:
- Multiline function calls must now put each parameter on a new line.
- Auto-formatting files is now part of the `grunt precommit` script. 
- Auto-fixable coding standards issues will now cause Travis failures.

Fixes #44600.


Built from https://develop.svn.wordpress.org/trunk@43571


git-svn-id: http://core.svn.wordpress.org/trunk@43400 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-08-17 01:51:36 +00:00
Gary Pendergast
e22489f06c REST API: Remove permalink_structure from the index.
This was originally added to allow Gutenberg to do permalink editing, but is no longer required. It's also superceded by #41014.

Reverts [42142].
Fixes #42465.


Built from https://develop.svn.wordpress.org/trunk@42997


git-svn-id: http://core.svn.wordpress.org/trunk@42826 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-04-23 04:12:20 +00:00
Sergey Biryukov
08227812a0 Docs: Remove @static notations from method DocBlocks in wp-includes/* classes.
This tag has been used in the past, but should no longer be used. Just using the `static` keyword in code is enough for PhpDocumentor on PHP5+ to recognize static variables and methods, and PhpDocumentor will mark them as static.

Props birgire.
See #42803.
Built from https://develop.svn.wordpress.org/trunk@42746


git-svn-id: http://core.svn.wordpress.org/trunk@42576 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2018-02-25 20:22:30 +00:00
Rachel Baker
a787006298 REST API: Return the proper status code for failed permission callbacks in WP_REST_Server->dispatch().
Use the `rest_authorization_required_code()` function to return a 401 status code when a permission callback fails due to a user not being logged in.

Props jaswrks.
Fixes #42828.
Built from https://develop.svn.wordpress.org/trunk@42421


git-svn-id: http://core.svn.wordpress.org/trunk@42252 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-12-30 20:37:47 +00:00
Gary Pendergast
aaf99e6913 Code is Poetry.
WordPress' code just... wasn't.
This is now dealt with.

Props jrf, pento, netweb, GaryJ, jdgrimes, westonruter, Greg Sherwood from PHPCS, and everyone who's ever contributed to WPCS and PHPCS.
Fixes #41057.


Built from https://develop.svn.wordpress.org/trunk@42343


git-svn-id: http://core.svn.wordpress.org/trunk@42172 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-30 23:11:00 +00:00
Gary Pendergast
e8229a25d5 REST API: Add permalink_structure to the index endpoint.
This allows Gutenberg to implement permalink editing.

Props schlessera.
Fixes #42465.


Built from https://develop.svn.wordpress.org/trunk@42142


git-svn-id: http://core.svn.wordpress.org/trunk@41973 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-11-10 06:11:51 +00:00
James Nylen
0ef4d4289f REST API: Exclude numeric parameters from regex parsing
The list of endpoint parameters should only include explicitly named and requested parameters.

Props flixos90, rmccue, jnylen0.
Fixes #40704.

Built from https://develop.svn.wordpress.org/trunk@41223


git-svn-id: http://core.svn.wordpress.org/trunk@41063 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-08-03 19:55:43 +00:00
Drew Jaynes
0860bb2771 Docs: Remove @access notations from method DocBlocks in wp-includes/* classes.
Prior to about 2013, many class methods lacked even access modifiers which made the `@access` notations that much more useful. Now that we've gotten to a point where the codebase is more mature from a maintenance perspective and we can finally remove these notations. Notable exceptions to this change include standalone functions notated as private as well as some classes still considered to represent "private" APIs.

See #41452.

Built from https://develop.svn.wordpress.org/trunk@41162


git-svn-id: http://core.svn.wordpress.org/trunk@41002 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-07-27 00:41:44 +00:00
James Nylen
8f6088ba6e REST API: Add a filter to allow modifying the response *after* embedded data is added.
Fixes #38964.

Built from https://develop.svn.wordpress.org/trunk@40961


git-svn-id: http://core.svn.wordpress.org/trunk@40811 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-06-29 13:17:43 +00:00
James Nylen
df5b8dcc82 REST API: Avoid sending blank Last-Modified headers with authenticated requests.
This commit adds a new `WP_REST_Server#remove_header` method and uses it to clear the `Last-Modified` header when the "no caching" headers are sent (by default for all authenticated REST API requests).  This matches the behavior of the `nocache_headers` function used in other parts of WordPress.

Previously, the REST API would send an empty `Last-Modified` header in this situation.  Under some server and browser configurations, this causes browsers to cache authenticated REST API requests, which is undesirable.

Props iv3rson76, zinigor, rmccue, jnylen0.
Fixes #40444.

Built from https://develop.svn.wordpress.org/trunk@40805


git-svn-id: http://core.svn.wordpress.org/trunk@40663 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-05-19 20:27:44 +00:00
James Nylen
27aa0664df REST API: Add gmt_offset and timezone_string to the base /wp-json response.
The site's current timezone offset is an important piece of information for any REST API client that needs to manipulate dates.  It has not been previously available.

Expose both the `gmt_offset` (the site's current offset from UTC in hours) and `timezone_string` (which also provides information about daylight savings time) via the "site info" endpoint (the base `/wp-json` response).

Also update the `wp-api-generated.js` fixture file with the changes to the default API responses.

Props sagarkbhatt.
Fixes #39854.

Built from https://develop.svn.wordpress.org/trunk@40238


git-svn-id: http://core.svn.wordpress.org/trunk@40168 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-03-07 05:48:41 +00:00
Sergey Biryukov
e0e9568e24 REST API: After [38947], improve the wording of the message to clarify that rest_authentication_errors is a filter.
See #38446.
Built from https://develop.svn.wordpress.org/trunk@40038


git-svn-id: http://core.svn.wordpress.org/trunk@39975 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2017-02-01 21:32:47 +00:00
Sergey Biryukov
acc30b09d7 Text Changes: Merge some duplicate strings with the same meaning in error messages, adjust some other strings for consistency and accuracy.
Props ramiy, SergeyBiryukov.
Fixes #38808.
Built from https://develop.svn.wordpress.org/trunk@39278


git-svn-id: http://core.svn.wordpress.org/trunk@39218 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-17 15:53:33 +00:00
Joe Hoyle
901c4ed17a REST API: Support querying for multiple post statuses.
Multiple post statuses can be specified by the usual CSV or array-propper format.

Props jnylen0, kadamwhite, websupporter.
Fixes #38420.

Built from https://develop.svn.wordpress.org/trunk@39104


git-svn-id: http://core.svn.wordpress.org/trunk@39046 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-11-03 01:46:29 +00:00
Drew Jaynes
5f4497f0af Docs: Fix multiple trivial typos throughout a variety of core files.
Props ottok.
Fixes #38489.

Built from https://develop.svn.wordpress.org/trunk@39051


git-svn-id: http://core.svn.wordpress.org/trunk@38993 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 06:28:32 +00:00
Gary Pendergast
dbc4b87b7f REST API: Allow Content-Type on CORS requests.
This allows `POST` requests with a wider variety of `Content-Type' headers - `Content-Type: application/json`, for example.

Props jnylen0.
Fixes #37994.


Built from https://develop.svn.wordpress.org/trunk@39044


git-svn-id: http://core.svn.wordpress.org/trunk@38986 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-31 00:34:33 +00:00
Drew Jaynes
2452f69485 REST: Fix some errant else if conditions and add a few missing periods on inline comments.
Props mrahmadawais.
See #38398.

Built from https://develop.svn.wordpress.org/trunk@39029


git-svn-id: http://core.svn.wordpress.org/trunk@38971 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-30 17:54:30 +00:00
Gary Pendergast
6b4357e14b REST API: Deprecate the rest_enabled filter.
As the REST API becomes more integral to WordPress Core, turning it off will cause a... suboptimal experience. If we don't want it to be turned off, the off switch needs to be removed.

Props jorbin, pento.
Fixes #38446.


Built from https://develop.svn.wordpress.org/trunk@38947


git-svn-id: http://core.svn.wordpress.org/trunk@38890 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-26 06:28:30 +00:00
Dominik Schilling
ae2ff33c91 Docs: Improve formatting of filter docs added in [38689].
Fixes #35590.
Built from https://develop.svn.wordpress.org/trunk@38749


git-svn-id: http://core.svn.wordpress.org/trunk@38692 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-10-07 19:24:28 +00:00
Joe Hoyle
d72da116be REST API: Add filters to allow creating REST API middleware plugins.
Introduce two new filters: `rest_request_before_callbacks` and `rest_request_after_callbacks` to
assist REST API middleware plugins to perform pre-callback and cleanup hooks such as `switch_to_blog()`
or caching implementations.

Props jnylen0.
Fixes #35590.

Built from https://develop.svn.wordpress.org/trunk@38689


git-svn-id: http://core.svn.wordpress.org/trunk@38632 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-30 20:12:28 +00:00
Joe Hoyle
794dd5d8cb REST API: Enable sanitize_callback to return WP_Error.
Give developers the opportunity to reject incoming data without using the validation callback. It also enables us to do sanitization and validation in one function in instances where this could be useful.

Props websupporter, rmccue.
Fixes #37560.

Built from https://develop.svn.wordpress.org/trunk@38601


git-svn-id: http://core.svn.wordpress.org/trunk@38544 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-09-14 15:50:29 +00:00
Dominik Schilling
97bf32c66a Text Changes: Unify/merge two more permission error messages.
Props ramiy.
Fixes #34521.
Built from https://develop.svn.wordpress.org/trunk@38037


git-svn-id: http://core.svn.wordpress.org/trunk@37978 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-12 11:45:29 +00:00
Rachel Baker
e5fcbb3514 REST API: Reverse order of setting sanitization/validation, validating prior to sanitizing.
Fixes mistake in the current behavior, where the sanitization callback ran before the validation callback. Now the validation callback will run before the sanitization.

Props schlessera, rachelbaker.
See #37247.
Fixes #37192.



Built from https://develop.svn.wordpress.org/trunk@37943


git-svn-id: http://core.svn.wordpress.org/trunk@37884 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2016-07-02 23:03:27 +00:00