Custom sanitization

Support General Custom sanitizationResolved

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • #20522
    maybeadevmaybeadev
    Participant

    Hi:

    I've tried to use the field attribute 'sanitize_callback' => 'none' as specified in the documentation to not sanitize a field. However, that does not seem to be working - can you please confirm that is the proper syntax?

    I've seen one prior forum message that seems to specify using a filter so not sure if I should be using the attribute method or the filter.

    I tried adding a custom function as such:
    'sanitize_callback' => 'my_function' but debugging into that functions shows that the function isn't being called.

    So I'm wondering if the documentation is accurate or if there's something else I need to do. Basically I want to remove all sanitization from a single instance of a textbox. I thought using 'none' on the 'sanitize_callback' field attribute would be a simple way to accomplish this but so far I cannot seem to make it work.

    Thanks!

    #20525
    Long NguyenLong Nguyen
    Moderator

    Hi,

    Fields text and textarea use the function wp_kses_post() to sanitize the input value. And the option 'sanitize_callback' => 'none' works well with these fields.

    Please see my screen record https://www.loom.com/share/5322db2599624d43a775665ef0c438e9. I've just checked with the <script> tag which does not pass the sanitization by default.

    For more information, please follow the documentation.
    https://developer.wordpress.org/reference/functions/wp_kses_post/
    https://docs.metabox.io/sanitization/

    #20527
    maybeadevmaybeadev
    Participant

    Huh. Ok, thanks very much for double-checking for me and confirming.

Viewing 3 posts - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.