WP_Theme::sanitize_header( string $header, string $value )
Sanitize a theme header.
Parameters
- $header
-
(string) (Required) Theme header. Accepts 'Name', 'Description', 'Author', 'Version', 'ThemeURI', 'AuthorURI', 'Status', 'Tags', 'RequiresWP', 'RequiresPHP'.
- $value
-
(string) (Required) Value to sanitize.
Return
(string|array) An array for Tags header, string otherwise.
Source
File: wp-includes/class-wp-theme.php
private function sanitize_header( $header, $value ) {
switch ( $header ) {
case 'Status':
if ( ! $value ) {
$value = 'publish';
break;
}
// Fall through otherwise.
case 'Name':
static $header_tags = array(
'abbr' => array( 'title' => true ),
'acronym' => array( 'title' => true ),
'code' => true,
'em' => true,
'strong' => true,
);
$value = wp_kses( $value, $header_tags );
break;
case 'Author':
// There shouldn't be anchor tags in Author, but some themes like to be challenging.
case 'Description':
static $header_tags_with_a = array(
'a' => array(
'href' => true,
'title' => true,
),
'abbr' => array( 'title' => true ),
'acronym' => array( 'title' => true ),
'code' => true,
'em' => true,
'strong' => true,
);
$value = wp_kses( $value, $header_tags_with_a );
break;
case 'ThemeURI':
case 'AuthorURI':
$value = esc_url_raw( $value );
break;
case 'Tags':
$value = array_filter( array_map( 'trim', explode( ',', strip_tags( $value ) ) ) );
break;
case 'Version':
case 'RequiresWP':
case 'RequiresPHP':
$value = strip_tags( $value );
break;
}
return $value;
}
Expand full source code Collapse full source code View on Trac View on GitHub
Changelog
| Version | Description |
|---|---|
| 5.4.0 | Added support for Requires at least and Requires PHP headers. |
| 3.4.0 | Introduced. |