WP_Theme::sanitize_header()
Sanitizes a theme header.
Method of the class: WP_Theme{}
No Hooks.
Return
String|Array
. An array for Tags header, string otherwise.
Usage
// private - for code of main (parent) class only $result = $this->sanitize_header( $header, $value );
- $header(string) (required)
- Theme header. Accepts 'Name', 'Description', 'Author', 'Version', 'ThemeURI', 'AuthorURI', 'Status', 'Tags', 'RequiresWP', 'RequiresPHP', 'UpdateURI'.
- $value(string) (required)
- Value to sanitize.
Changelog
Since 3.4.0 | Introduced. |
Since 5.4.0 | Added support for Requires at least and Requires PHP headers. |
Since 6.1.0 | Added support for Update URI header. |
WP_Theme::sanitize_header() WP Theme::sanitize header code WP 6.7.1
private function sanitize_header( $header, $value ) { switch ( $header ) { case 'Status': if ( ! $value ) { $value = 'publish'; break; } // Fall through otherwise. case 'Name': static $header_tags = array( 'abbr' => array( 'title' => true ), 'acronym' => array( 'title' => true ), 'code' => true, 'em' => true, 'strong' => true, ); $value = wp_kses( $value, $header_tags ); break; case 'Author': // There shouldn't be anchor tags in Author, but some themes like to be challenging. case 'Description': static $header_tags_with_a = array( 'a' => array( 'href' => true, 'title' => true, ), 'abbr' => array( 'title' => true ), 'acronym' => array( 'title' => true ), 'code' => true, 'em' => true, 'strong' => true, ); $value = wp_kses( $value, $header_tags_with_a ); break; case 'ThemeURI': case 'AuthorURI': $value = sanitize_url( $value ); break; case 'Tags': $value = array_filter( array_map( 'trim', explode( ',', strip_tags( $value ) ) ) ); break; case 'Version': case 'RequiresWP': case 'RequiresPHP': case 'UpdateURI': $value = strip_tags( $value ); break; } return $value; }