Importing JSON feed should the content be sanitized?

There are two aspects here

  1. obviously all input should be sanitized
  2. JSON is just a wrapper no different then any other type of container which is used to aggregate data for transmission. You almost never sanitize the container as usually in case of an error you will just not be able to extract the data from it, but each piece of data should be sanitized. Since sanitization depends on context it is just impossible to have a generic rules that can be applied to all data in all the possible contexts.

So you need to do sanitization, but can you just trust core API to do it for you? It again depends on context. If you just need the data to be stored in the DB without breaking anything then the DB access APIs will do everything for you, but if you have to have the content of a post be XHTML complient then you will have to write your own validation.

In one line: Always sanitize input as much as possible. Once everything is sanitized on the “data model” level, you can trust wordpress API to not generate additional gotca moments.

Related Posts:

  1. Can comments be used in JSON?
  2. Angular: ‘Cannot find a differ supporting object ‘[object Object]’ of type ‘object’. NgFor only supports binding to Iterables such as Arrays’
  3. Grabbing the current viewer count for youtube live streaming
  4. Use of PUT vs PATCH methods in REST API real life scenarios
  5. What is the easiest way to convert an Excel spreadsheet with tabular data to JSON? [closed]
  6. Can comments be used in JSON?
  7. Yahoo Finance All Currencies quote API Documentation
  8. Select objects based on value of variable in object using jq
  9. uncaught syntaxerror unexpected token U JSON
  10. How to install JQ on Mac on the command line?
  11. Representing null in JSON
  12. pretty-print JSON using JavaScript
  13. Representing null in JSON
  14. YAML equivalent of array of objects in JSON
  15. Are multi-line strings allowed in JSON?
  16. Parsing a JSON string in Ruby
  17. Are multi-line strings allowed in JSON?
  18. How to remove the quotes when reading a variable in jq in shell?
  19. Basic example of using .ajax() with JSONP?
  20. Best way to save data in Unity game
  21. Javascript Object push() function
  22. How do you represent a JSON array of strings?
  23. Using Wikipedia API on custom wikis like Bulbapedia
  24. How to parse Excel (XLS) file in Javascript/HTML5
  25. XSLT equivalent for JSON
  26. RestClientException: Could not extract response. no suitable HttpMessageConverter found
  27. Why do i need `typings.json` file in an Angular 2 project?
  28. How do I make a JSON object with multiple arrays?
  29. An error occurred while installing json (1.8.1), and Bundler cannot continue – Rails
  30. How to sort a json file by keys and values of those keys in jq
  31. [npm notice created a lockfile as package-lock.json. You should commit this file
  32. Sending JSON string through wp_remote_post()
  33. using wp_remote_get instead of file_get_contents [duplicate]
  34. Show popular post in another php website via WP REST JSON API
  35. What are the Oembed Links For?
  36. Get Image URL instead of Attachment Id in Rest API
  37. What is /wp-json?
  38. Import JSON feed to WordPress
  39. Include custom post meta value in fetched JSON
  40. Unset data in custom post type WordPress API (wp-json)
  41. How to retrieve wp_ json_encode data from custom WordPress database table
  42. How to use the new WordPress 4.4 JSON API?
  43. WP REST API – Retrieve content from page
  44. Create filtered list of posts using JSON data
  45. Android authentication
  46. Passing Meta array in wp-rest api
  47. Have WordPress generate a JSON of the content
  48. Inserting custom post meta value using WP-REST API
  49. Adding JSON Structured Data to WordPress
  50. WP REST API format response
  51. esc_attr() corrupts json values
  52. How to display Unicode correctly?
  53. JSON API plugin, Get posts by category return no post
  54. Pre insert data when adding new custom post fire a json error
  55. Generate/save JSON or XML file from JSON script
  56. WordPress Unexpected token < in JSON at position 0
  57. Update the values ​of a json file in wordpress [closed]
  58. How to send s2member plugin’s wordpress user data in json format to a url in php [closed]
  59. data (html) migration to posts
  60. Create and Update a Json file
  61. How to display json_encode via $wpdb
  62. Why is json_decode failing?
  63. wordpress is adding a second backslash when I use addslashes
  64. How to get a custom entry field label with Gravity Forms?
  65. WP REST API. Configuring JSON routes
  66. JSON-LD: creating an AggregateOffer from many shortcode
  67. Strange “lea” prefix on wp-json
  68. How to display partial values of JSON Encode values
  69. Retrieving a JSON feed of my posts and displaying thumbnails
  70. uneven behaviour create a post in using json api with white spaces
  71. XML to Json code issue
  72. WordPress restrict access to rest only
  73. Import JSON feed into WordPress Post (wp_insert_post) every 24 hours
  74. Sending a post request with JSON content type
  75. A special character I am trying to include in a page keeps getting rejected with error “Updating failed. The response is not a valid JSON response.”
  76. Received Updateing failed. not a valid JSON response. linked with _locale=user
  77. Automatically import content to wordpress from a json file
  78. JSON api oembed youtube
  79. Problems getting values from response from wp_remote_post
  80. Wrong encoding of dynamic block properties problem
  81. i am using api add post in wordpress
  82. Add binary or json animation to wordpress site
  83. JSON Schema Output Object rather than Array
  84. Add custom schema to post
  85. How can cookie/session authentication be used in wp-json fetch request?
  86. Get the name of the post type
  87. Pull Content from JSON file (Same Server)
  88. adding two json fields to post_content
  89. json API plugin not returning any post with get_category_posts
  90. Dynamic data table from external json feed
  91. return content section as json in wp rest api v1
  92. Remove a field from json in wp rest api v1
  93. Create a file format (csv,json,etc) when save/update a Post
  94. Output JSON and no theme
  95. Get JSON from self hosted wordpress site
  96. how build custom json api controller for all registered users
  97. How do i save this python code to text file.? [closed]
  98. Custom Backend data for map to JSON file?
  99. Fatal error in custom end point in WP-JSON
  100. Error /wp-json/wp/v2/posts/ [closed]

Leave a Comment