[theme-reviewers] Meta boxes
Chip Bennett
chip at chipbennett.net
Wed Jul 2 14:12:51 UTC 2014
Correct.
And the same applies to custom Widgets. Untrusted data are untrusted data:
whether Theme options, custom post meta, Widgets, or any other means of
introducing untrusted data.
On Wed, Jul 2, 2014 at 9:07 AM, Ola Łączek <ola at bodera.com> wrote:
> Hello!
>
> If a theme uses meta boxes the same rules apply as with theme options -
> values should be sanitized on input and escaped on output, correct?
>
> Best regards,
> Ola Laczek
>
> _______________________________________________
> theme-reviewers mailing list
> theme-reviewers at lists.wordpress.org
> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wordpress.org/pipermail/theme-reviewers/attachments/20140702/db2b5e40/attachment.html>
More information about the theme-reviewers
mailing list