Alert: This function’s access is marked private. This means it is not intended for use by plugin or theme developers, only in other core functions. It is listed here for completeness.

WP_Theme::sanitize_header() WordPress Method

The WP_Theme::sanitize_header() is a method used to clean up the raw data retrieved from a theme header. This is useful if you want to ensure that the data is safe to use and display on your website.

WP_Theme::sanitize_header( string $header, string $value ) #

Sanitizes a theme header.

Contents

Parameters

$header

(string)(Required)Theme header. Accepts 'Name', 'Description', 'Author', 'Version', 'ThemeURI', 'AuthorURI', 'Status', 'Tags', 'RequiresWP', 'RequiresPHP'.

$value

(string)(Required)Value to sanitize.

Top ↑

Return

(string|array) An array for Tags header, string otherwise.

Top ↑

Source

File: wp-includes/class-wp-theme.php

	private function sanitize_header( $header, $value ) {
		switch ( $header ) {
			case 'Status':
				if ( ! $value ) {
					$value = 'publish';
					break;
				}
				// Fall through otherwise.
			case 'Name':
				static $header_tags = array(
					'abbr'    => array( 'title' => true ),
					'acronym' => array( 'title' => true ),
					'code'    => true,
					'em'      => true,
					'strong'  => true,
				);

				$value = wp_kses( $value, $header_tags );
				break;
			case 'Author':
				// There shouldn't be anchor tags in Author, but some themes like to be challenging.
			case 'Description':
				static $header_tags_with_a = array(
					'a'       => array(
						'href'  => true,
						'title' => true,
					),
					'abbr'    => array( 'title' => true ),
					'acronym' => array( 'title' => true ),
					'code'    => true,
					'em'      => true,
					'strong'  => true,
				);

				$value = wp_kses( $value, $header_tags_with_a );
				break;
			case 'ThemeURI':
			case 'AuthorURI':
				$value = esc_url_raw( $value );
				break;
			case 'Tags':
				$value = array_filter( array_map( 'trim', explode( ',', strip_tags( $value ) ) ) );
				break;
			case 'Version':
			case 'RequiresWP':
			case 'RequiresPHP':
				$value = strip_tags( $value );
				break;
		}

		return $value;
	}

Expand full source codeCollapse full source codeView on TracView on GitHub

Top ↑

Top ↑

Changelog

Changelog
VersionDescription
5.4.0Added support for Requires at least and Requires PHP headers.
3.4.0Introduced.
Download the latest version of WordPress from https://wordpress.org/

The content displayed on this page has been created in part by processing WordPress source code files which are made available under the GPLv2 (or a later version) license by theĀ Free Software Foundation. In addition to this, the content includes user-written examples and information. All material is subject to review and curation by the WPPaste.com community.