wp_check_jsonp_callback( string $callback ): bool
Checks that a JSONP callback is a valid JavaScript callback name.
Description
Only allows alphanumeric characters and the dot character in callback function names. This helps to mitigate XSS attacks caused by directly outputting user input.
Parameters
$callbackstring Required-
Supplied JSONP callback function name.
Return
bool Whether the callback function name is valid.
Source
File: wp-includes/functions.php. View all references
function wp_check_jsonp_callback( $callback ) {
if ( ! is_string( $callback ) ) {
return false;
}
preg_replace( '/[^\w\.]/', '', $callback, -1, $illegal_char_count );
return 0 === $illegal_char_count;
}
Related
Used By
| Used By | Description |
|---|---|
| wp_is_jsonp_request() wp-includes/load.php | Checks whether current request is a JSONP request, or is expecting a JSONP response. |
| WP_REST_Server::serve_request() wp-includes/rest-api/class-wp-rest-server.php | Handles serving a REST API request. |
Changelog
| Version | Description |
|---|---|
| 4.6.0 | Introduced. |
© 2003–2022 WordPress Foundation
Licensed under the GNU GPLv2+ License.
https://developer.wordpress.org/reference/functions/wp_check_jsonp_callback