wp_sanitize_script_attributes()
Sanitizes an attributes array into an attributes string to be placed inside a <script> tag.
Automatically injects type attribute if needed. Used by wp_get_script_tag() and wp_get_inline_script_tag().
No Hooks.
Return
String
. String made of sanitized <script> tag attributes.
Usage
wp_sanitize_script_attributes( $attributes );
- $attributes(array) (required)
- Key-value pairs representing <script> tag attributes.
Changelog
Since 5.7.0 | Introduced. |
wp_sanitize_script_attributes() wp sanitize script attributes code WP 6.7.1
function wp_sanitize_script_attributes( $attributes ) { $html5_script_support = ! is_admin() && ! current_theme_supports( 'html5', 'script' ); $attributes_string = ''; /* * If HTML5 script tag is supported, only the attribute name is added * to $attributes_string for entries with a boolean value, and that are true. */ foreach ( $attributes as $attribute_name => $attribute_value ) { if ( is_bool( $attribute_value ) ) { if ( $attribute_value ) { $attributes_string .= $html5_script_support ? sprintf( ' %1$s="%2$s"', esc_attr( $attribute_name ), esc_attr( $attribute_name ) ) : ' ' . esc_attr( $attribute_name ); } } else { $attributes_string .= sprintf( ' %1$s="%2$s"', esc_attr( $attribute_name ), esc_attr( $attribute_value ) ); } } return $attributes_string; }