This function’s access is marked private. This means it is not intended for use by plugin or theme developers, only in other core functions. It is listed here for completeness.
WP_Theme::sanitize_header( string $header, string $value )
Sanitizes a theme header.
Parameters
- $header
-
(Required) Theme header. Accepts 'Name', 'Description', 'Author', 'Version', 'ThemeURI', 'AuthorURI', 'Status', 'Tags', 'RequiresWP', 'RequiresCP', 'RequiresPHP', 'UpdateURI'.
- $value
-
(Required) Value to sanitize.
Return
(string|array) An array for Tags header, string otherwise.
Source
File: wp-includes/class-wp-theme.php
private function sanitize_header( $header, $value ) {
switch ( $header ) {
case 'Status' :
if ( ! $value ) {
$value = 'publish';
break;
}
// Fall through otherwise.
case 'Name' :
static $header_tags = array(
'abbr' => array( 'title' => true ),
'acronym' => array( 'title' => true ),
'code' => true,
'em' => true,
'strong' => true,
);
$value = wp_kses( $value, $header_tags );
break;
case 'Author' :
// There shouldn't be anchor tags in Author, but some themes like to be challenging.
case 'Description' :
static $header_tags_with_a = array(
'a' => array( 'href' => true, 'title' => true ),
'abbr' => array( 'title' => true ),
'acronym' => array( 'title' => true ),
'code' => true,
'em' => true,
'strong' => true,
);
$value = wp_kses( $value, $header_tags_with_a );
break;
case 'ThemeURI' :
case 'AuthorURI' :
$value = esc_url_raw( $value );
break;
case 'Tags' :
$value = array_filter( array_map( 'trim', explode( ',', strip_tags( $value ) ) ) );
break;
case 'Version' :
$value = strip_tags( $value );
break;
}
return $value;
}
Changelog
| Version | Description |
|---|---|
| 6.1.0 | Added support for Update URI header. |
| 5.4.0 | Added support for Requires at least and Requires PHP headers. |
| 3.4.0 | Introduced. |