WordPress.org

Make WordPress Core

Changes between Initial Version and Version 1 of Ticket #22690, comment 5


Ignore:
Timestamp:
12/03/12 19:50:28 (17 months ago)
Author:
nacin
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #22690, comment 5

    initial v1  
    33It's possible that in the future, sanitize_html_class() is expanded to all characters possible in a class, which is slightly different than what is allowed in an ID. 
    44 
    5 sanitize_key() seems fine here. But, either functioncould break a hypothetically valid ID already in use. "nav below" is not a valid ID. Perhaps we rename the argument from $nav_id to $html_id and then just drop esc_attr() in. There is only so much we should do to prevent someone from shooting themselves in the foot. Eventually they're just going to do it. 
     5sanitize_key() seems fine here. But, either function could break a hypothetically valid ID already in use. "nav below" is not a valid ID. Perhaps we rename the argument from $nav_id to $html_id and then just drop esc_attr() in. There is only so much we should do to prevent someone from shooting themselves in the foot. Eventually they're just going to do it.