Fix sanitization callback #5060

senadir · 2021-11-03T10:44:29Z

This PR is cherry-picked from #5045

This fixed an error where data passed to the Store API via post would be incorrectly represented in the $request object after data sanitization.

Previously it would look over all items in the object recursively but due to this condition, would return the first sanitized value:

if ( isset( $property_value['properties'] ) ) {
					$sanitize_callback = $this->get_recursive_sanitize_callback( $property_value['properties'] );
					return $sanitize_callback( $current_value, $request, $param . ' > ' . $property_key );
}

Other data in the extensions object would then be skipped.

The fix is to place all values into an array and return them once all properties have been sanitized.

Testing steps

Since these changes only impact developers, there are no user facing testing steps to perform. I have however added a test case to confirm nested properties are no longer destroyed. Ensure php tests pass with this change.

Changelog

Fix an issue with sanitization callbacks.

github-actions · 2021-11-03T10:50:32Z

Size Change: -4.01 kB (0%)

Total Size: 1.11 MB

Filename	Size	Change
`build/active-filters-frontend.js`	8.18 kB	-157 B (-2%)
`build/active-filters.js`	8 kB	-1 B (0%)
`build/all-products-frontend.js`	23.1 kB	-160 B (-1%)
`build/all-products.js`	38 kB	-19 B (0%)
`build/atomic-block-components/add-to-cart--atomic-block-components/button.js`	1.81 kB	-1 B (0%)
`build/atomic-block-components/add-to-cart--atomic-block-components/image--atomic-block-components/title.js`	0 B	-334 B (removed)	🏆
`build/atomic-block-components/add-to-cart-frontend.js`	8.34 kB	-168 B (-2%)
`build/atomic-block-components/add-to-cart.js`	7.85 kB	+10 B (0%)
`build/atomic-block-components/button.js`	874 B	-1 B (0%)
`build/atomic-block-components/category-list-frontend.js`	467 B	+2 B (0%)
`build/atomic-block-components/category-list.js`	469 B	-1 B (0%)
`build/atomic-block-components/image-frontend.js`	1.71 kB	-174 B (-9%)	✅
`build/atomic-block-components/image.js`	1.36 kB	+12 B (+1%)
`build/atomic-block-components/price-frontend.js`	2.13 kB	-2 B (0%)
`build/atomic-block-components/rating-frontend.js`	563 B	+2 B (0%)
`build/atomic-block-components/sale-badge-frontend.js`	861 B	+2 B (0%)
`build/atomic-block-components/sale-badge.js`	868 B	-1 B (0%)
`build/atomic-block-components/sku.js`	393 B	+1 B (0%)
`build/atomic-block-components/stock-indicator-frontend.js`	611 B	-1 B (0%)
`build/atomic-block-components/summary-frontend.js`	908 B	+2 B (0%)
`build/atomic-block-components/tag-list-frontend.js`	467 B	+1 B (0%)
`build/atomic-block-components/title-frontend.js`	1.48 kB	-162 B (-10%)	👏
`build/atomic-block-components/title.js`	1.47 kB	+11 B (+1%)
`build/attribute-filter-frontend.js`	18.1 kB	-179 B (-1%)
`build/attribute-filter.js`	12.1 kB	-2 B (0%)
`build/blocks-checkout.js`	21 kB	-22 B (0%)
`build/cart-blocks/accepted-payment-methods-frontend.js`	1.39 kB	+3 B (0%)
`build/cart-blocks/checkout-button-frontend.js`	1.22 kB	-19 B (-2%)
`build/cart-blocks/express-payment--checkout-blocks/express-payment--checkout-blocks/payment-frontend.js`	4.73 kB	+1 B (0%)
`build/cart-blocks/express-payment-frontend.js`	1.58 kB	-3 B (0%)
`build/cart-blocks/line-items-frontend.js`	5.85 kB	-7 B (0%)
`build/cart-blocks/order-summary--checkout-blocks/billing-address--checkout-blocks/shipping-address-frontend.js`	3.69 kB	+3 B (0%)
`build/cart-blocks/order-summary-frontend.js`	7.4 kB	-21 B (0%)
`build/cart-blocks/totals-frontend.js`	322 B	-1 B (0%)
`build/cart-frontend.js`	52.2 kB	-654 B (-1%)
`build/cart.js`	50.5 kB	-38 B (0%)
`build/checkout-blocks/actions-frontend.js`	1.48 kB	-23 B (-2%)
`build/checkout-blocks/billing-address-frontend.js`	2.64 kB	-29 B (-1%)
`build/checkout-blocks/contact-information-frontend.js`	3.87 kB	-18 B (0%)
`build/checkout-blocks/express-payment-frontend.js`	1.93 kB	-2 B (0%)
`build/checkout-blocks/order-note-frontend.js`	1.56 kB	-1 B (0%)
`build/checkout-blocks/order-summary-frontend.js`	12.8 kB	+23 B (0%)
`build/checkout-blocks/payment-frontend.js`	4.56 kB	-26 B (-1%)
`build/checkout-blocks/shipping-address-frontend.js`	3.03 kB	-29 B (-1%)
`build/checkout-blocks/shipping-methods-frontend.js`	5.54 kB	-14 B (0%)
`build/checkout-frontend.js`	54.4 kB	-681 B (-1%)
`build/checkout.js`	54 kB	-31 B (0%)
`build/featured-category.js`	7.74 kB	-1 B (0%)
`build/handpicked-products.js`	6.27 kB	-1 B (0%)
`build/legacy-template.js`	2.12 kB	+88 B (+4%)
`build/mini-cart-component-frontend.js`	44.4 kB	-651 B (-1%)
`build/mini-cart-frontend.js`	2.34 kB	+7 B (0%)
`build/price-filter-frontend.js`	14.2 kB	-185 B (-1%)
`build/product-categories.js`	3.37 kB	-1 B (0%)
`build/product-new.js`	6.77 kB	-1 B (0%)
`build/product-on-sale.js`	7.11 kB	-1 B (0%)
`build/product-tag.js`	6.6 kB	-1 B (0%)
`build/product-top-rated.js`	6.74 kB	-1 B (0%)
`build/reviews-by-category.js`	11.4 kB	-1 B (0%)
`build/reviews-by-product.js`	13 kB	-1 B (0%)
`build/reviews-frontend.js`	8.97 kB	+4 B (0%)
`build/single-product-frontend.js`	26.6 kB	+3 B (0%)
`build/single-product.js`	9.75 kB	-17 B (0%)
`build/stock-filter-frontend.js`	8.62 kB	-153 B (-2%)
`build/stock-filter.js`	7.81 kB	+1 B (0%)
`build/vendors--atomic-block-components/add-to-cart--cart-blocks/order-summary--checkout-blocks/billing-ad--c5eb4dcd-frontend.js`	16.1 kB	-1 B (0%)
`build/vendors--atomic-block-components/add-to-cart-frontend.js`	4.77 kB	+2 B (0%)
`build/vendors--atomic-block-components/price--cart-blocks/line-items--cart-blocks/order-summary--checkout--8a3571de-frontend.js`	5.71 kB	+1 B (0%)
`build/vendors--cart-blocks/order-summary--checkout-blocks/billing-address--checkout-blocks/order-summary---eb4d2cec-frontend.js`	5.02 kB	+1 B (0%)
`build/wc-blocks-editor-style-rtl.css`	15.7 kB	-1 B (0%)
`build/wc-blocks-editor-style.css`	15.7 kB	-1 B (0%)
`build/wc-blocks-middleware.js`	1.19 kB	-282 B (-19%)	👏
`build/wc-blocks-registry.js`	3.71 kB	+1 B (0%)
`build/wc-blocks-shared-context.js`	1.54 kB	-5 B (0%)
`build/wc-blocks-shared-hocs.js`	1.92 kB	+172 B (+10%)	⚠️
`build/wc-blocks-style-rtl.css`	21 kB	-39 B (0%)
`build/wc-blocks-style.css`	21 kB	-38 B (0%)
`build/wc-settings.js`	2.91 kB	-1 B (0%)

ℹ️ View Unchanged

Filename	Size
`build/all-reviews.js`	9.57 kB
`build/atomic-block-components/add-to-cart--atomic-block-components/button--atomic-block-components/image---a7e2bb9b.js`	3.19 kB
`build/atomic-block-components/button-frontend.js`	1.74 kB
`build/atomic-block-components/price.js`	2.11 kB
`build/atomic-block-components/rating.js`	565 B
`build/atomic-block-components/sku-frontend.js`	391 B
`build/atomic-block-components/stock-indicator.js`	611 B
`build/atomic-block-components/summary.js`	912 B
`build/atomic-block-components/tag-list.js`	471 B
`build/cart-blocks/empty-cart-frontend.js`	349 B
`build/cart-blocks/filled-cart-frontend.js`	806 B
`build/cart-blocks/items-frontend.js`	303 B
`build/checkout-blocks/fields-frontend.js`	346 B
`build/checkout-blocks/terms-frontend.js`	1.65 kB
`build/checkout-blocks/totals-frontend.js`	329 B
`build/featured-product.js`	9.42 kB
`build/mini-cart.js`	5.72 kB
`build/price-filter.js`	9.65 kB
`build/price-format.js`	1.37 kB
`build/product-best-sellers.js`	6.62 kB
`build/product-category.js`	7.49 kB
`build/product-search.js`	2.68 kB
`build/products-by-attribute.js`	7.7 kB
`build/vendors--cart-blocks/line-items--checkout-blocks/order-summary-frontend.js`	3.14 kB
`build/wc-blocks-data.js`	11.3 kB
`build/wc-blocks-google-analytics.js`	1.98 kB
`build/wc-blocks-vendors-style-rtl.css`	1.37 kB
`build/wc-blocks-vendors-style.css`	1.37 kB
`build/wc-blocks-vendors.js`	254 kB
`build/wc-blocks.js`	3.49 kB
`build/wc-payment-method-bacs.js`	806 B
`build/wc-payment-method-cheque.js`	806 B
`build/wc-payment-method-cod.js`	898 B
`build/wc-payment-method-paypal.js`	839 B
`build/wc-payment-method-stripe.js`	12.2 kB

_{compressed-size-action}

…rties

mikejolley · 2021-11-05T00:46:04Z

@senadir @opr Added a test case to confirm the fix is in place. Used a package called Mockery to test the action receives the correct params.

senadir

meta-approving giving I'm the PR author but it's actually Mike's PR.

senadir · 2021-11-05T10:37:01Z

tests/php/StoreApi/Routes/Checkout.php

@@ -0,0 +1,225 @@
+<?php


Reviewed this new test and it's looks fine to me! Thank you for writing it.

mikejolley · 2021-11-05T15:39:02Z

e2e test fail is unrelated. Merging.

* Fix sanitization callback * Add test case to confirm sanitization callbacks work for nested properties Co-authored-by: Mike Jolley <mike.jolley@me.com>

Fix sanitization callback

54610e4

senadir assigned mikejolley Nov 3, 2021

rubikuserbot requested review from a team and opr and removed request for a team November 3, 2021 10:44

senadir added focus: rest api Work impacting REST api routes. type: bug The issue/PR concerns a confirmed bug. labels Nov 3, 2021

senadir marked this pull request as ready for review November 4, 2021 12:58

Add test case to confirm sanitization callbacks work for nested prope…

9f8f9ae

…rties

senadir commented Nov 5, 2021

View reviewed changes

mikejolley merged commit 711d2fb into trunk Nov 5, 2021

mikejolley deleted the fix/sanitization-callback branch November 5, 2021 15:39

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix sanitization callback #5060

Fix sanitization callback #5060

senadir commented Nov 3, 2021 •

edited by mikejolley

Loading

github-actions bot commented Nov 3, 2021 •

edited

Loading

mikejolley commented Nov 5, 2021

senadir left a comment

senadir Nov 5, 2021

mikejolley commented Nov 5, 2021

Fix sanitization callback #5060

Fix sanitization callback #5060

Conversation

senadir commented Nov 3, 2021 • edited by mikejolley Loading

Testing steps

Changelog

github-actions bot commented Nov 3, 2021 • edited Loading

mikejolley commented Nov 5, 2021

senadir left a comment

Choose a reason for hiding this comment

senadir Nov 5, 2021

Choose a reason for hiding this comment

mikejolley commented Nov 5, 2021

senadir commented Nov 3, 2021 •

edited by mikejolley

Loading

github-actions bot commented Nov 3, 2021 •

edited

Loading