I’m getting more into strict data sanitization and I’m confused a bit in some places of the Twenty Eleven theme. I always saw this theme as the epitome of WordPress standards… a sort of template to derive other themes from, both in terms of usability and coding practices.
However, I’m noticing that in some places it doesn’t seem like data is being sanitized properly. E.G: when posts are being output there will be a line when no post is found for the no post found title:
<?php _e( 'Nothing Found', 'twentyeleven' ); ?>
Shouldn’t this line be:
<?php esc_html_e( 'Nothing Found', 'twentyeleven' ); ?>
Maybe I’m just not understanding the best practices of data sanitization… anyone have some enlightenment into this?
- The topic ‘[Theme: Twenty Eleven] Data Sanitization’ is closed to new replies.