Home Forums Feedback acf_form security documentation Reply To: acf_form security documentation

  • Although a one-line solution would be nice, I think the most imperative thing is simply updating the documentation. I feel like I need to be clear that the current recommendation on there is DANGEROUS to anyone using repeater and FC fields.

    In my case, I came across the suggestion, thought “more security and XSS removal is good”, installed it and tested it without testing the more complex fields. That was sitting on my website for about a week, until a user finally contacted me telling me that their fields were “weird” and they couldn’t figure it out. That means that any user who updated their listing on my site that week would have destroyed any data they had previously entered into a repeater field, even if they were just changing one simple field.

    Not only is the current documentation potentially harmful, but at the very least it’s confusing to determine what the problem is. Is there somewhere else I should be recommending documentation changes?