Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Automatic Whitelisting in sanitation functions #8

Open
acobster opened this issue Mar 10, 2018 · 0 comments
Open

Automatic Whitelisting in sanitation functions #8

acobster opened this issue Mar 10, 2018 · 0 comments
Assignees
@sdunham
Labels
enhancement New feature or request

Comments

@acobster
Copy link
Contributor

acobster commented Mar 10, 2018
edited
Loading

While WordPress's security feature for automatically sanitizing HTML attrs and hooks is definitely a Good Thing, it's bitten us in the past, e.g. when trying to output custom data attrs from a woocommerce hook. The (tricky to find) solution was to explicitly whitelist the data attributes.

It'd be nice to automatically whitelist HTML attributes and tags for WordPress sanitation functions from Twig. Provide a Twig mechanism, such as a macro, that performs this whitelisting transparently from within Twig, so that we don't have to explicitly do this elsewhere in PHP.
@acobster acobster added the enhancement New feature or request label Mar 10, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sdunham sdunham

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@acobster @sdunham