[Soft Rejected] All theme text strings are to be translatable and properly escaped

RadiusTheme · November 21, 2016, 7:10am

Hello All,

I am working my First WordPress Theme. I got Soft Rejected in the following reason.

====================================================================

All theme text strings are to be translatable and properly escaped.

It’s possible for translators to sneak HTML and JS into translation files or even just inadvertently mess something up. So, it’s good practice to simply escape them. https://github.com/WordPress/twentysixteen/commit/112a2a952e8906931f30a2a83bffe3a4d12ccef0

For example(s) and there are more:

Now i’m confused, am i supposed to change TGM config file from this?

'name'     => __( 'Contact Form 7', 'gtbuilder' ),

Change to

'name'     => esc_html__( 'Contact Form 7', 'gtbuilder' ),

According to the github link mentioned above, isn’t it over escaping?

Can anyone please clear this confusion and help me?

Thanks in advance.

RadiusTheme

RadiusTheme · November 21, 2016, 10:25am

Anyone there who can help me for this issue?

ki-themes · November 23, 2016, 12:35am

Not only for TGM, for all if you have any others

RadiusTheme · November 23, 2016, 4:45am

Thanks for your reply.

So I will use this right?

esc_html

anon51813007 · November 23, 2016, 6:35am

Yes just use it.

Schiocco · November 23, 2016, 8:05am

No use esc_html__. It is a very big functions that require time, its slow, for only string use esc_attr__()