[wp-trac] [WordPress Trac] #41450: sanitize_text_field() assumes the field is a string
WordPress Trac
noreply at wordpress.org
Wed Feb 6 10:29:33 UTC 2019
#41450: sanitize_text_field() assumes the field is a string
--------------------------+---------------------
Reporter: johnbillion | Owner: pento
Type: defect (bug) | Status: closed
Priority: low | Milestone: 5.1
Component: Formatting | Version: 2.9
Severity: normal | Resolution: fixed
Keywords: has-patch | Focuses:
--------------------------+---------------------
Changes (by pento):
* keywords: has-patch dev-feedback => has-patch
* status: reopened => closed
* resolution: => fixed
Comment:
Given that `sanitize_text_field()` is intended to take user input and
sanitise it, I'm inclined to [44618] as is. I much prefer returning an
empty value rather than an undefined value, the latter could potentially
be a vector for security issues.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/41450#comment:11>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list