Alert: This function’s access is marked private. This means it is not intended for use by plugin or theme developers, only in other core functions. It is listed here for completeness.
WP_Theme::sanitize_header( string $header, string $value ): string|array
Sanitizes a theme header.
Parameters
-
$headerstring Required -
Theme header. Accepts
'Name','Description','Author','Version','ThemeURI','AuthorURI','Status','Tags','RequiresWP','RequiresPHP','UpdateURI'. -
$valuestring Required -
Value to sanitize.
Return
string|array An array for Tags header, string otherwise.
Source
File: wp-includes/class-wp-theme.php.
View all references
private function sanitize_header( $header, $value ) {
switch ( $header ) {
case 'Status':
if ( ! $value ) {
$value = 'publish';
break;
}
// Fall through otherwise.
case 'Name':
static $header_tags = array(
'abbr' => array( 'title' => true ),
'acronym' => array( 'title' => true ),
'code' => true,
'em' => true,
'strong' => true,
);
$value = wp_kses( $value, $header_tags );
break;
case 'Author':
// There shouldn't be anchor tags in Author, but some themes like to be challenging.
case 'Description':
static $header_tags_with_a = array(
'a' => array(
'href' => true,
'title' => true,
),
'abbr' => array( 'title' => true ),
'acronym' => array( 'title' => true ),
'code' => true,
'em' => true,
'strong' => true,
);
$value = wp_kses( $value, $header_tags_with_a );
break;
case 'ThemeURI':
case 'AuthorURI':
$value = sanitize_url( $value );
break;
case 'Tags':
$value = array_filter( array_map( 'trim', explode( ',', strip_tags( $value ) ) ) );
break;
case 'Version':
case 'RequiresWP':
case 'RequiresPHP':
case 'UpdateURI':
$value = strip_tags( $value );
break;
}
return $value;
}
Changelog
| Version | Description |
|---|---|
| 6.1.0 | Added support for Update URI header. |
| 5.4.0 | Added support for Requires at least and Requires PHP headers. |
| 3.4.0 | Introduced. |