Validate each arg before setting WP_Block_Type properties

[hellofromtonya]

Description

Part of #41236.

Found in backport of adding support for editing block style variations in the global styles. See https://core.trac.wordpress.org/ticket/57583#comment:19.

It is possible to register a block type with its properties set to the wrong data type(s). For example, the WP_Block_Type::$style is expected to be an array, but can be registered as any other data type including a string.

The code interacting with the WP_Block_Type expects each property to be the correct data type. If any are not, then

• PHP Warning can happen in PHP 5.6 to 8.x.
• Unexpected behaviors could happen.
• Can make debugging harder to find the root cause.

As a result, data type checks are being introduced within the code that interacts with WP_Block_Type. These data type checks could be removed if the properties of WP_Block_Type were always in the expected and documented data type.

Step-by-step reproduction instructions

1. Turn on WP_DEBUG and WP_DEBUG_DISPLAY in wp-config.php:

define( 'WP_DEBUG', true );
define( 'WP_DEBUG_DISPLAY', true );

2. Add a mu-plugins test file and copy/paste this gist into it https://gist.github.com/hellofromtonya/8c4176c4ea87e02424cf3bfd7b954ac0.
3. Refresh the web page.
4. Notice the PHP Warning.

You can also var_dump() the block type returned register_block_type() to notice the properties are not validated.

Screenshots, screen recording, code snippet

https://3v4l.org/9YloM

Running the provided testing steps throws the following warning:

Warning: Invalid argument supplied for foreach() in /var/www/src/wp-includes/class-wp-theme-json.php on line 866

Note: This warning will soon be resolved with a guard being added into Core at the error line noted above. This guard can be removed if validation is added at the point of setting the property to avoid masking the problem.

Environment info

• WordPress trunk

Please confirm that you have searched existing issues in the repo.

Yes

Please confirm that you have tested with all plugins deactivated except Gutenberg.

Yes

[gziolo]

I found two similar issues:

• Blocks: Add a warning for developers if they use reserved words for attributes #48112
• Registration: Server registration is not validated on client #6702 (from 2018 😃)

Should we consolidate into a single issue? I'm also not sure if it is something that should be in this repository anymore as the code lives in WordPress core. We could try filters in the plugin but it still requires changes in core. Well, we might want to mirror some functionality when registering on the client, too.