From a0876e06cdeaee9c1efafe29e51d53dfedb2b6f6 Mon Sep 17 00:00:00 2001
From: Rachel Baker <rachelbaker@git.wordpress.org>
Date: Thu, 3 Nov 2016 01:25:48 +0000
Subject: [PATCH] REST API: Use the `items` attribute for the taxonomies
 `types` schema property for proper sanitization/validation.

Props danielbachhuber, joehoyle.
Fixes #38631.

git-svn-id: https://develop.svn.wordpress.org/trunk@39103 602fd350-edb4-49c9-b593-d223f7449a82
---
 .../rest-api/endpoints/class-wp-rest-taxonomies-controller.php | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/wp-includes/rest-api/endpoints/class-wp-rest-taxonomies-controller.php b/src/wp-includes/rest-api/endpoints/class-wp-rest-taxonomies-controller.php
index 98a5e21a3e..5ae26212df 100644
--- a/src/wp-includes/rest-api/endpoints/class-wp-rest-taxonomies-controller.php
+++ b/src/wp-includes/rest-api/endpoints/class-wp-rest-taxonomies-controller.php
@@ -279,6 +279,9 @@ class WP_REST_Taxonomies_Controller extends WP_REST_Controller {
 				'types'            => array(
 					'description'  => __( 'Types associated with resource.' ),
 					'type'         => 'array',
+					'items'        => array(
+						'type' => 'string',
+					),
 					'context'      => array( 'view', 'edit' ),
 					'readonly'     => true,
 				),