While WordPress's security feature for automatically sanitizing HTML attrs and hooks is definitely a Good Thing, it's bitten us in the past, e.g. when trying to output custom data attrs from a woocommerce hook. The (tricky to find) solution was to explicitly whitelist the data attributes.
It'd be nice to automatically whitelist HTML attributes and tags for WordPress sanitation functions from Twig. Provide a Twig mechanism, such as a macro, that performs this whitelisting transparently from within Twig, so that we don't have to explicitly do this elsewhere in PHP.
While WordPress's security feature for automatically sanitizing HTML attrs and hooks is definitely a Good Thing, it's bitten us in the past, e.g. when trying to output custom
dataattrs from a woocommerce hook. The (tricky to find) solution was to explicitly whitelist the data attributes.It'd be nice to automatically whitelist HTML attributes and tags for WordPress sanitation functions from Twig. Provide a Twig mechanism, such as a macro, that performs this whitelisting transparently from within Twig, so that we don't have to explicitly do this elsewhere in PHP.