Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[ WP Plugin Review Feedback ] Data Must be Sanitized, Escaped, and Validated #9

Open
tonyzeoli opened this issue Jun 6, 2024 · 0 comments
Open

[ WP Plugin Review Feedback ] Data Must be Sanitized, Escaped, and Validated #9

tonyzeoli opened this issue Jun 6, 2024 · 0 comments
Assignees
@majick777
Labels
bug Something isn't working

Comments

@tonyzeoli
Copy link
Member

Data Must be Sanitized, Escaped, and Validated

When you include POST/GET/REQUEST/FILE calls in your plugin, it's important to sanitize, validate, and escape them. The goal here is to prevent a user from accidentally sending trash data through the system, as well as protecting them from potential security issues.

SANITIZE: Data that is input (either by a user or automatically) must be sanitized as soon as possible. This lessens the possibility of XSS vulnerabilities and MITM attacks where posted data is subverted.

VALIDATE: All data should be validated, no matter what. Even when you sanitize, remember that you don’t want someone putting in ‘dog’ when the only valid values are numbers.

ESCAPE: Data that is output must be escaped properly when it is echo'd, so it can't hijack admin screens. There are many esc_*() functions you can use to make sure you don't show people the wrong data.

To help you with this, WordPress comes with a number of sanitization and escaping functions. You can read about those here:

https://developer.wordpress.org/apis/security/sanitizing/
https://developer.wordpress.org/apis/security/escaping/

Remember: You must use the most appropriate functions for the context. If you’re sanitizing email, use sanitize_email(), if you’re outputting HTML, use wp_kses_post(), and so on.

An easy mantra here is this:

Sanitize early
Escape Late
Always Validate

Clean everything, check everything, escape everything, and never trust the users to always have input sane data. After all, users come from all walks of life.

Example(s) from your plugin:
stream-player-master/stream-player-admin.php:1110 if ( !wp_verify_nonce( $_REQUEST['nonce'], 'stream_player_subscribe' ) ) {

Note: When checking a nonce using wp_verify_nonce you will need to sanitize the input using wp_unslash AND sanitize_text_field , this is because this function is pluggable, and extenders should not trust its input values.

Example:
if ( ! isset( $_POST['prefix_nonce'] ) || ! wp_verify_nonce( sanitize_text_field( wp_unslash ( $_POST['prefix_nonce'] ) ) , 'prefix_nonce' ) )

Example(s) from your plugin:
stream-player-master/stream-player-admin.php:1110 if ( !wp_verify_nonce( $_REQUEST['nonce'], 'stream_player_subscribe' ) ) {
@tonyzeoli tonyzeoli added the bug Something isn't working label Jun 6, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@majick777 majick777

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tonyzeoli @majick777