You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Or adding this comment if you use WPCS: echo urldecode($atts['content']); /* WPCS: xss ok. */
You're outputting mark-up you control, and since that contains HTML there isn't really an escaping function you can use readily in here. Rather you need to inform the code sniffer that the source is OK - you're not just feeding in random visitor data in here.
Hey there 馃憢
Thanks for the plugin - it's really useful!
I have a small bug I'm dealing with - I followed all the steps and I am currently using
urldecode()
with the proper config:However, I'm getting the following error now:
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found 'urldecode'
I'm wondering then would I use instead to as a proper escape function in tandem with the
urldecode
function?I've tried
esc_attr
already but that renders the HTML tags too which I obviously don't want.I've tried looking into this myself and haven't found any answers that preserves the text properly so I figured I'd ask here as well.
The text was updated successfully, but these errors were encountered: