wp_sanitize_script_attributes() – Sanitizes an attributes array into an attributes string to be placed inside a `<script>` tag.

You appear to be a bot. Output may be restricted

Description

Sanitizes an attributes array into an attributes string to be placed inside a <script> tag.

Automatically injects type attribute if needed. Used by {@see wp_get_script_tag()} and {@see wp_get_inline_script_tag()}.

Usage

$string = wp_sanitize_script_attributes( $attributes );

Parameters

$attributes
( array ) required – Key-value pairs representing <script> tag attributes.

Returns

string String made of sanitized <script> tag attributes.

Source

File name: wordpress/wp-includes/script-loader.php
Lines:

1 to 18 of 18
function wp_sanitize_script_attributes( $attributes ) {
  $html5_script_support = ! is_admin() && ! current_theme_supports( 'html5', 'script' );
  $attributes_string    = '';

  // If HTML5 script tag is supported, only the attribute name is added
  // to $attributes_string for entries with a boolean value, and that are true.
  foreach ( $attributes as $attribute_name => $attribute_value ) {
    if ( is_bool( $attribute_value ) ) {
      if ( $attribute_value ) {
        $attributes_string .= $html5_script_support ? sprintf( ' %1$s="%2$s"', esc_attr( $attribute_name ), esc_attr( $attribute_name ) ) : ' ' . esc_attr( $attribute_name );
      }
    } else {
      $attributes_string .= sprintf( ' %1$s="%2$s"', esc_attr( $attribute_name ), esc_attr( $attribute_value ) );
    }
  }

  return $attributes_string;
}
 

 View on GitHub View on Trac