wp_check_jsonp_callback() – Function | Developer.WordPress.org

wp_check_jsonp_callback( string $callback ): bool

Checks that a JSONP callback is a valid JavaScript callback name.

Description

Only allows alphanumeric characters and the dot character in callback function names. This helps to mitigate XSS attacks caused by directly outputting user input.

Parameters

$callbackstringrequired: Supplied JSONP callback function name.

Return

bool Whether the callback function name is valid.

Source

function wp_check_jsonp_callback( $callback ) {	if ( ! is_string( $callback ) ) {	return false;	}	preg_replace( '/[^\w\.]/', '', $callback, -1, $illegal_char_count );	return 0 === $illegal_char_count; }

View all references View on Trac View on GitHub

Used by	Description
wp_is_jsonp_request()`wp-includes/load.php`	Checks whether current request is a JSONP request, or is expecting a JSONP response.
WP_REST_Server::serve_request()`wp-includes/rest-api/class-wp-rest-server.php`	Handles serving a REST API request.

Changelog

Version	Description
4.6.0	Introduced.

User Contributed Notes

You must log in before being able to contribute a note or feedback.