[wp-trac] [WordPress Trac] #33235: Drop strip_tags() for widget titles in forms

WordPress Trac noreply at wordpress.org
Mon Aug 3 06:25:25 UTC 2015

#33235: Drop strip_tags() for widget titles in forms
 Reporter:  greenshady    |       Owner:
     Type:  defect (bug)  |      Status:  new
 Priority:  normal        |   Milestone:  Awaiting Review
Component:  Widgets       |     Version:  trunk
 Severity:  normal        |  Resolution:
 Keywords:                |     Focuses:

Comment (by westonruter):

 I think `strip_tags()` is perhaps a legacy option where a newer more
 appropriate sanitizing function `sanitize_text_field()` is available now
 which strips tags in addition to doing a lot more, like trimming
 whitespace and ensuring valid encoding. In any case, we shouldn't be using
 `esc_attr()` for sanitizing input anyway.

Ticket URL: <https://core.trac.wordpress.org/ticket/33235#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list