Home Forums Feedback acf_form security documentation Reply To: acf_form security documentation

  • Yep, sorry I should have made it clear, you would use this function in the filter the way you have it.

    I was thinking about it and, I’m a bit of a security fanatic. Just because there’s JavaScript validation on a lot of ACF fields does not mean someone couldn’t submit unwanted values for any type of field. Some would say that I’m a bit overzealous when it comes to security.

    I’m pretty sure that my function is safe for all of the built in ACF field types, but I have not tested it with every type of field. There are a few add on fields that I know of that it may not be safe for. On the other hand, if I was using acf_form to allow users to submit content I’d be extremely careful about the types of field I allowed and in some cases I’d build my own validation to ensure that nothing noxious was submitted.