Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Previously, everything was running through esc_html(). However, this meant that HTML could not be passed though. Instead, we manually apply all of the xprofile filter callbacks, except esc_html(). This should provide enough security for now. In the future, may want to refactor this to use add_filter() callbacks or something more elegant.
- Loading branch information