From 5ed7a0ca53bb4056f7ceaa900e8f443d7672c78d Mon Sep 17 00:00:00 2001
From: Bernd Bestel <bernd@berrnd.de>
Date: Sat, 17 Oct 2020 11:15:31 +0200
Subject: [PATCH] Don't strip boolean values (references #996, fixes #1055)

---
 controllers/BaseApiController.php | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/controllers/BaseApiController.php b/controllers/BaseApiController.php
index ed3557b0..698c4779 100644
--- a/controllers/BaseApiController.php
+++ b/controllers/BaseApiController.php
@@ -128,7 +128,12 @@ class BaseApiController extends BaseController
 		$requestBody = $request->getParsedBody();
 		foreach ($requestBody as $key => &$value)
 		{
-			$value = self::$htmlPurifierInstance->purify($value);
+			// HTMLPurifier removes boolean values (true/false), so explicitly keep them
+			// Maybe also possible through HTMLPurifier config (http://htmlpurifier.org/live/configdoc/plain.html)
+			if (!is_bool($value))
+			{
+				$value = self::$htmlPurifierInstance->purify($value);
+			}
 		}
 
 		return $requestBody;