filter_block_kses() WordPress Function
The filter_block_kses() function is a filtering function that allows you to specify which HTML tags are allowed in a given string. This is useful for ensuring that user-generated content, such as comments, does not contain malicious code.
filter_block_kses( WP_Block_Parser_Block $block, array[]|string $allowed_html, string[] $allowed_protocols = array() ) #
Filters and sanitizes a parsed block to remove non-allowable HTML from block attribute values.
Parameters
- $block
(WP_Block_Parser_Block)(Required)The parsed block object.
- $allowed_html
(array[]|string)(Required)An array of allowed HTML elements and attributes, or a context name such as 'post'.
- $allowed_protocols
(string[])(Optional)Allowed URL protocols.
Default value: array()
Return
(array) The filtered and sanitized block object result.
Source
File: wp-includes/blocks.php
function filter_block_kses( $block, $allowed_html, $allowed_protocols = array() ) {
$block['attrs'] = filter_block_kses_value( $block['attrs'], $allowed_html, $allowed_protocols );
if ( is_array( $block['innerBlocks'] ) ) {
foreach ( $block['innerBlocks'] as $i => $inner_block ) {
$block['innerBlocks'][ $i ] = filter_block_kses( $inner_block, $allowed_html, $allowed_protocols );
}
}
return $block;
}
Expand full source codeCollapse full source codeView on TracView on GitHub
Changelog
| Version | Description |
|---|---|
| 5.3.1 | Introduced. |