search

Automattic / camptix

Moved to https://github.com/WordPress/wordcamp.org/
176 stars 94 forks source link

Remove unnecessary front-end escaping #150

Closed iandunn closed 6 years ago

iandunn commented 8 years ago

41c8e46228ace418e7ebb801b160df8521bd6a5f added some escaping in form_start(), but using HTML there is legitimate in some use cases. It's only called on the front-end, so escaping is probably unnecessary.

I need to double check if there was some reason I added it, and am currently forgetting, but I think I just didn't realize it was a front-end function because I was going through a long phpcs report.

If it is necessary, wp_kses() could be used instead.

See https://wordpress.slack.com/archives/meta-wordcamp/p1476251187000476

tomjn commented 7 years ago

Bonus points for using wp_kses_post

JulienMelissas commented 6 years ago

I'm working on this one right now!