why is esc_html() returning nothing given a string containing a high-bit character?

Perhaps because the entity is a non-UTF8 character?

Here’s what esc_html() does:

function esc_html( $text ) {
      $safe_text = wp_check_invalid_utf8( $text );
      $safe_text = _wp_specialchars( $safe_text, ENT_QUOTES );
      return apply_filters( 'esc_html', $safe_text, $text );
}

If not that, then it’s getting sanitized when filtered by _wp_specialchars(), which does double-encoding(by default,no) and all sorts of things.

For reference:

1) esc_html() in source

2) _wp_specialchars() in source

Related Posts:

  1. Should HTML output be passed through esc_html() AND wp_kses()?
  2. What characters do I need to escape in XML documents?
  3. What characters must be escaped in HTML 5?
  4. How can I selectively escape percent (%) in Python strings?
  5. How do I escape a single quote in jQuery?
  6. Escape Character in SQL Server
  7. How to escape apostrophe (‘) in MySql?
  8. How to prevent escaping when saving HTML code in an option value?
  9. Escaping and sanitizing SVGs in metabox textarea
  10. Sanitize and data validation with apply_filters() function
  11. What’s the difference between esc_* functions?
  12. How to correctly escape query variables to be used in WP_Query
  13. How to escape custom css?
  14. esc_attr / esc_html / esc_url in echos
  15. When do I need to use esc_html()? [duplicate]
  16. Escaping WP_Query tax_query when term has special character(s)
  17. what’s different between esc_attr, htmlspecialchars and htmlentities
  18. Allow all attributes in $allowedposttags tags
  19. When outputting a static string to the page, is it necessary to escape the output?
  20. Escape hexadecimals/rgba values
  21. How Flexible are the WordPress Coding Standards for PHPCS?
  22. Sanitizing comments or escaping comment_text()
  23. How to properly escape a translated string?
  24. Must I serialize/sanitize/escape array data before using set_transient?
  25. Sanitizing, Validating and Escaping in WordPress (Plugin)
  26. How Could I sanitize the receive data from this code
  27. How to sanitize user input?
  28. Which escape function to use when escaping an email or plain text?
  29. WP_Editor – Saving Value into Plugin Option – Stripping HTML
  30. What is the safe way to print tracking code / pixel code before tag or tag
  31. Translate a Constant while appeasing WordPress PHPCS
  32. Using esc_url() on a url more than once
  33. Do I need to escape get_theme_mod(‘url’) / (‘mail’) with esc_url?
  34. How to allow &nbsp with wp_kses()?
  35. Using esc_attr_e
  36. Why esc_html_() is not used on every text that has a translation (on Twenty Twenty One)?
  37. Escaping crashes my output
  38. How to escape html generate by a loop
  39. How to safely escape the title attribute
  40. Do we need to escape data that we receive from theme options?
  41. How to safely escape data that contains HTML attributes
  42. Can wp_strip_all_tags be used as a substitute for esc_url, esc_attr & esc_html?
  43. Echoing a URL to a link
  44. wp_kses_post escaping doesn’t appear to work as described?
  45. file_get_contents | escaping doesnt show the page
  46. Help about Escaping
  47. How to keep specific tag from an html string?
  48. How to use wp_filter_oembed_result?
  49. Escaping WP_Query tax_query when term has special character(s)
  50. Escaping and sanitization
  51. Escaping WP_Query tax_query when term has special character(s)
  52. Escaping Issues
  53. Escaping and Special Characters (e.g. &)
  54. Escaping data from database (users table) is necessary?
  55. Escaping get_option( ‘time_format’ ) is nesserary?
  56. esc_url, esc_url_raw or sanitize_url?
  57. how to sanitizing $_POST with the correct way?
  58. How should esc_url be combined with trailingslashit?
  59. Correct way of using esc_attr() and esc_html()
  60. Escape string Python for MySQL
  61. Which WP functions do you need to use esc_html() or esc_url() on?
  62. Reason for Lowercase usernames
  63. Sanitizing integer input for update_post_meta
  64. Is sanitize_text_field() is enough to save to DB?
  65. PHP Coding Standards, Widgets and Sanitization
  66. How to sanitize select box values in post meta?
  67. When do I need to use esc_attr when using WordPress internal functions
  68. Disable escaping html
  69. I’m confused about URL sanitization in meta boxes
  70. esc_attr not working in shortcode
  71. where to apply “apply filters” and other Sanitization Functions
  72. How to save html and text in the database?
  73. Escaping / encoding data before insert into a database?
  74. vs WordPress Security
  75. Does balanceTags() provide any escaping / protection?
  76. CSS from textarea in options page to frontend what to do
  77. How to get rid of shortcodes in post content once and for all
  78. Sanitize array callback for the WordPress Settings API
  79. How to escape attachment image caption text?
  80. Unable to sanitize in customizer and escape in theme without removing ability for user to use “< br >” to insert a line break
  81. sanitize_text_field and apostrophe problem
  82. WordPress messes up with data attributes in shortcode output
  83. textarea field is getting escaped for some unknown reason
  84. Allow HTML in Settings API input field
  85. Input sanitation
  86. WP_Customize_Manager: How to get control ID
  87. escape html in jQuery for WordPress
  88. echo cutom css code to WordPress page template file ? is this safe?
  89. Trouble matching strings (titles) using wp_query
  90. Sanitize WordPress Array Input?
  91. Remove pre and code tags from WordPress
  92. Customizer textarea with script tag won’t work in live preview
  93. Escaping a Single Quote in str_replace for Nav Function
  94. wp_kses allow checkbox class and checked
  95. Comparing pre-saved post_title to post-saved post_title
  96. Settings api sanatize callback not being triggered
  97. Sanitizing a custom query’s clauses
  98. wp_set_object_terms() without accents
  99. How can I properly sanitize the update_option in WordPress?
  100. What is the proper way to sanitize $_POST and $_GET vars?