Skip to content

Commit 880bb48

Browse files
SergeyBiryukovSergeyBiryukov
committed
REST API: Correct error handling in WP_REST_Server::serve_batch_request_v1().
This aims to avoid a fatal error when hitting the batch request endpoint with a malformed URL. Follow-up to [49252]. Props bor0, SirLouen, SergeyBiryukov. Fixes #63502. git-svn-id: https://develop.svn.wordpress.org/trunk@60635 602fd350-edb4-49c9-b593-d223f7449a82
1 parent 9098796 commit 880bb48

File tree

2 files changed

+36
-0
lines changed

2 files changed

+36
-0
lines changed

src/wp-includes/rest-api/class-wp-rest-server.php

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1747,6 +1747,12 @@ public function serve_batch_request_v1( WP_REST_Request $batch_request ) {
17471747
$has_error = false;
17481748

17491749
foreach ( $requests as $single_request ) {
1750+
if ( is_wp_error( $single_request ) ) {
1751+
$has_error = true;
1752+
$validation[] = $single_request;
1753+
continue;
1754+
}
1755+
17501756
$match = $this->match_request_to_handler( $single_request );
17511757
$matches[] = $match;
17521758
$error = null;
@@ -1817,6 +1823,12 @@ public function serve_batch_request_v1( WP_REST_Request $batch_request ) {
18171823
}
18181824

18191825
foreach ( $requests as $i => $single_request ) {
1826+
if ( is_wp_error( $single_request ) ) {
1827+
$result = $this->error_to_response( $single_request );
1828+
$responses[] = $this->envelope_response( $result, false )->get_data();
1829+
continue;
1830+
}
1831+
18201832
$clean_request = clone $single_request;
18211833
$clean_request->set_url_params( array() );
18221834
$clean_request->set_attributes( array() );

tests/phpunit/tests/rest-api/rest-server.php

Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2329,6 +2329,30 @@ static function () {
23292329
$this->assertSame( 400, $response->get_status() );
23302330
}
23312331

2332+
/**
2333+
* @ticket 63502
2334+
*/
2335+
public function test_batch_request_with_malformed_url() {
2336+
$request = new WP_REST_Request( 'POST', '/batch/v1' );
2337+
$request->set_header( 'Content-Type', 'application/json' );
2338+
$request->set_body_params(
2339+
array(
2340+
'requests' => array(
2341+
array(
2342+
'method' => 'POST',
2343+
'path' => 'http://user@:80',
2344+
),
2345+
),
2346+
)
2347+
);
2348+
2349+
$response = rest_get_server()->dispatch( $request );
2350+
$data = $response->get_data()['responses'][0]['body'] ?? null;
2351+
2352+
$this->assertIsArray( $data );
2353+
$this->assertSame( 'parse_path_failed', $data['code'] );
2354+
}
2355+
23322356
/**
23332357
* @ticket 51020
23342358
*/

0 commit comments

Comments
 (0)