REST API: Fix object/array validation for JSON-encoded GET parameters.This commit aligns GET parameter handling with POST requests by allowingJSON-encoded strings to pass 'object' and 'array' validation andsanitization.- Added JSON coercion in rest_validate_value_from_schema().- Added JSON coercion in rest_sanitize_value_from_schema().- Supports multi-type schemas and uses json_last_error() for safety.Fixes #64926

liaisontw · liaisontw · commit 99a47e0fb0ff · 2026-03-27T13:07:36.000+08:00
diff --git a/src/wp-includes/rest-api.php b/src/wp-includes/rest-api.php
@@ -2182,6 +2182,27 @@ function rest_get_allowed_schema_keywords() {
  * @return true|WP_Error
  */
 function rest_validate_value_from_schema( $value, $args, $param = '' ) {
+	// Ensure GET requests can handle JSON-encoded objects/arrays,
+	//aligning with POST body parsing.
+	$type = isset( $args['type'] ) ? $args['type'] : '';
+
+	$is_structured = ( 'object' === $type || 'array' === $type );
+	if ( ! $is_structured && is_array( $type ) ) {
+		$is_structured = in_array( 'object', $type, true ) || in_array( 'array', $type, true );
+	}
+
+	if ( is_string( $value ) && $is_structured ) {
+		$trimmed_value = trim( $value );
+			if ( str_starts_with( $trimmed_value, '{' ) || str_starts_with( $trimmed_value, '[' ) ) {
+			$decoded = json_decode( $value, true );
+
+			if ( json_last_error() === JSON_ERROR_NONE ) {
+				$value = $decoded;
+			}
+		}
+	}
+
+
 	if ( isset( $args['anyOf'] ) ) {
 		$matching_schema = rest_find_any_matching_schema( $value, $args, $param );
 		if ( is_wp_error( $matching_schema ) ) {
@@ -2780,6 +2801,26 @@ function rest_validate_integer_value_from_schema( $value, $args, $param ) {
  * @return mixed|WP_Error The sanitized value or a WP_Error instance if the value cannot be safely sanitized.
  */
 function rest_sanitize_value_from_schema( $value, $args, $param = '' ) {
+	// Ensure GET requests can handle JSON-encoded objects/arrays,
+	//aligning with POST body parsing.
+	$type = isset( $args['type'] ) ? $args['type'] : '';
+
+	$is_structured = ( 'object' === $type || 'array' === $type );
+	if ( ! $is_structured && is_array( $type ) ) {
+		$is_structured = in_array( 'object', $type, true ) || in_array( 'array', $type, true );
+	}
+
+	if ( is_string( $value ) && $is_structured ) {
+		$trimmed_value = trim( $value );
+			if ( str_starts_with( $trimmed_value, '{' ) || str_starts_with( $trimmed_value, '[' ) ) {
+			$decoded = json_decode( $value, true );
+
+			if ( json_last_error() === JSON_ERROR_NONE ) {
+				$value = $decoded;
+			}
+		}
+	}
+
 	if ( isset( $args['anyOf'] ) ) {
 		$matching_schema = rest_find_any_matching_schema( $value, $args, $param );
 		if ( is_wp_error( $matching_schema ) ) {
