Case where WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
might be a bit counter-intuitive
#2246
Labels
WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
might be a bit counter-intuitive
#2246
Bug Description
The
WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
error is thrown when a GET parameter is unslashed and then only used in a direct comparison, but it's not thrown when it's only used in a direct comparison.I would expect the same behavior between those two cases, ideally and more specifically for that error to not appear in both cases.
Minimal Code Snippet
The issue happens when running this command:
... over a file containing this code:
but not over a file containing this code:
Error Code
It would probably make sense if the error should not appear in both cases? 🙂
Environment
Tested Against
develop
branch?develop
branch of WPCS.The text was updated successfully, but these errors were encountered: