This will either need removing, or restricting in some way. It's nice to have for private/restricted use, but dangerous if/when processing parameters directly from the web. Never a great idea to allow any old callback to be passed in with no validation.
This will either need removing, or restricting in some way. It's nice to have for private/restricted use, but dangerous if/when processing parameters directly from the web. Never a great idea to allow any old callback to be passed in with no validation.