wp_check_jsonp_callback() WordPress Function

The wp_check_jsonp_callback() function is used to check if a given string is a valid JSONP callback. This is useful for ensuring that a callback provided by a user is safe to use.

wp_check_jsonp_callback( string $callback ) #

Checks that a JSONP callback is a valid JavaScript callback name.

Contents

Description

Only allows alphanumeric characters and the dot character in callback function names. This helps to mitigate XSS attacks caused by directly outputting user input.

Top ↑

Parameters

$callback

(string)(Required)Supplied JSONP callback function name.

Top ↑

Return

(bool) Whether the callback function name is valid.

Top ↑

Source

File: wp-includes/functions.php

function wp_check_jsonp_callback( $callback ) {
	if ( ! is_string( $callback ) ) {
		return false;
	}

	preg_replace( '/[^\w\.]/', '', $callback, -1, $illegal_char_count );

	return 0 === $illegal_char_count;
}

Expand full source codeCollapse full source codeView on TracView on GitHub

Top ↑

Top ↑

Changelog

Changelog
VersionDescription
4.6.0Introduced.
Download the latest version of WordPress from https://wordpress.org/

The content displayed on this page has been created in part by processing WordPress source code files which are made available under the GPLv2 (or a later version) license by theĀ Free Software Foundation. In addition to this, the content includes user-written examples and information. All material is subject to review and curation by the WPPaste.com community.

Show More
Show More