[wp-trac] [WordPress Trac] #34659: Whitelist for validation functions which only accept one argument
WordPress Trac
noreply at wordpress.org
Wed Nov 11 15:04:19 UTC 2015
#34659: Whitelist for validation functions which only accept one argument
-----------------------------+------------------
Reporter: danielbachhuber | Owner:
Type: defect (bug) | Status: new
Priority: normal | Milestone: 4.4
Component: REST API | Version:
Severity: normal | Resolution:
Keywords: has-patch | Focuses:
-----------------------------+------------------
Comment (by danielbachhuber):
Replying to [comment:1 TimothyBlynJacobs]:
> The idea of whitelisting functions seems quite a bit kludgy. Most of my
sanitization functions, for example, also only accept one parameter. And
whitelisting all of those doesn't seem ideal. Plus, what about functions
that only need access to the first two?
In each of these cases, do the functions error or exhibit unexpected
behavior when additional arguments are passed? If not, and they silently
discard the extra arguments, then you wouldn't need to whitelist them.
> Why not specify the number of arguments to be passed to the sanitization
function the same way we do for hooks?
Could, although that's a different type of complexity. What would the
syntax look like?
--
Ticket URL: <https://core.trac.wordpress.org/ticket/34659#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list