WP_Theme::sanitize_header( string $header, string $value )

Sanitize a theme header.


Parameters

$header

(string) (Required) Theme header. Accepts 'Name', 'Description', 'Author', 'Version', 'ThemeURI', 'AuthorURI', 'Status', 'Tags', 'RequiresWP', 'RequiresPHP'.

$value

(string) (Required) Value to sanitize.


Top ↑

Return

(string|array) An array for Tags header, string otherwise.


Top ↑

Source

File: wp-includes/class-wp-theme.php

	private function sanitize_header( $header, $value ) {
		switch ( $header ) {
			case 'Status':
				if ( ! $value ) {
					$value = 'publish';
					break;
				}
				// Fall through otherwise.
			case 'Name':
				static $header_tags = array(
					'abbr'    => array( 'title' => true ),
					'acronym' => array( 'title' => true ),
					'code'    => true,
					'em'      => true,
					'strong'  => true,
				);

				$value = wp_kses( $value, $header_tags );
				break;
			case 'Author':
				// There shouldn't be anchor tags in Author, but some themes like to be challenging.
			case 'Description':
				static $header_tags_with_a = array(
					'a'       => array(
						'href'  => true,
						'title' => true,
					),
					'abbr'    => array( 'title' => true ),
					'acronym' => array( 'title' => true ),
					'code'    => true,
					'em'      => true,
					'strong'  => true,
				);

				$value = wp_kses( $value, $header_tags_with_a );
				break;
			case 'ThemeURI':
			case 'AuthorURI':
				$value = esc_url_raw( $value );
				break;
			case 'Tags':
				$value = array_filter( array_map( 'trim', explode( ',', strip_tags( $value ) ) ) );
				break;
			case 'Version':
			case 'RequiresWP':
			case 'RequiresPHP':
				$value = strip_tags( $value );
				break;
		}

		return $value;
	}


Top ↑

Changelog

Changelog
Version Description
5.4.0 Added support for Requires at least and Requires PHP headers.
3.4.0 Introduced.

Top ↑

User Contributed Notes

You must log in before being able to contribute a note or feedback.