wp_check_jsonp_callback( string $callback )
Checks that a JSONP callback is a valid JavaScript callback.
Description
Only allows alphanumeric characters and the dot character in callback function names. This helps to mitigate XSS attacks caused by directly outputting user input.
Parameters
- $callback
-
(Required) Supplied JSONP callback function.
Return
(bool) True if valid callback, otherwise false.
Source
File: wp-includes/functions.php
function wp_check_jsonp_callback( $callback ) {
if ( ! is_string( $callback ) ) {
return false;
}
preg_replace( '/[^\w\.]/', '', $callback, -1, $illegal_char_count );
return 0 === $illegal_char_count;
}
Changelog
Version | Description |
---|---|
WP-4.6.0 | Introduced. |