wp_check_jsonp_callback

Checks that a JSONP callback is a valid JavaScript callback.

Description

wp_check_jsonp_callback( (string) $callback ); 

Only allows alphanumeric characters and the dot character in callback function names. This helps to mitigate XSS attacks caused by directly outputting user input.

Parameters (1)

0. $callback (string)
Supplied JSONP callback function.

Usage

  1. if ( !function_exists( 'wp_check_jsonp_callback' ) ) { 
  2. require_once ABSPATH . WPINC . '/functions.php'; 
  3.  
  4. // Supplied JSONP callback function. 
  5. $callback = ''; 
  6.  
  7. // NOTICE! Understand what this does before running. 
  8. $result = wp_check_jsonp_callback($callback); 
  9.  

Defined (1)

The function is defined in the following location(s).

/wp-includes/functions.php  
  1. function wp_check_jsonp_callback( $callback ) { 
  2. if ( ! is_string( $callback ) ) { 
  3. return false; 
  4.  
  5. preg_replace( '/[^\w\.]/', '', $callback, -1, $illegal_char_count ); 
  6.  
  7. return 0 === $illegal_char_count;