wp_kses_bad_protocol_once() WordPress Function
The wp_kses_bad_protocol_once() function is used to remove bad protocols from a string. This function is used to remove any protocols that are not allowed by the kses_allowed_protocols filter. This function is called by the kses system when needed.
wp_kses_bad_protocol_once( string $string, string[] $allowed_protocols, int $count = 1 ) #
Sanitizes content from bad protocols and other characters.
Description
This function searches for URL protocols at the beginning of the string, while handling whitespace and HTML entities.
Parameters
- $string
(string)(Required)Content to check for bad protocols.
- $allowed_protocols
(string[])(Required)Array of allowed URL protocols.
- $count
(int)(Optional)Depth of call recursion to this function.
Default value: 1
Return
(string) Sanitized content.
Source
File: wp-includes/kses.php
function wp_kses_bad_protocol_once( $string, $allowed_protocols, $count = 1 ) {
$string = preg_replace( '/(�*58(?![;0-9])|�*3a(?![;a-f0-9]))/i', '$1;', $string );
$string2 = preg_split( '/:|�*58;|�*3a;|:/i', $string, 2 );
if ( isset( $string2[1] ) && ! preg_match( '%/\?%', $string2[0] ) ) {
$string = trim( $string2[1] );
$protocol = wp_kses_bad_protocol_once2( $string2[0], $allowed_protocols );
if ( 'feed:' === $protocol ) {
if ( $count > 2 ) {
return '';
}
$string = wp_kses_bad_protocol_once( $string, $allowed_protocols, ++$count );
if ( empty( $string ) ) {
return $string;
}
}
$string = $protocol . $string;
}
return $string;
}
Expand full source codeCollapse full source codeView on TracView on GitHub
Changelog
| Version | Description |
|---|---|
| 1.0.0 | Introduced. |