Warning: This function has been deprecated. Officially dropped security support for Netscape 4 instead.

wp_kses_js_entities() WordPress Function

The wp_kses_js_entities() function is used to escape JavaScript entities in strings. This function is useful for protecting against XSS attacks.

wp_kses_js_entities( string $content ) #

Removes the HTML JavaScript entities found in early versions of Netscape 4.

Contents

Description

Previously, this function was pulled in from the original import of kses and removed a specific vulnerability only existent in early version of Netscape 4. However, this vulnerability never affected any other browsers and can be considered safe for the modern web.

The regular expression which sanitized this vulnerability has been removed in consideration of the performance and energy demands it placed, now merely passing through its input to the return.

Top ↑

Parameters

$content

(string)(Required)

Top ↑

Return

(string)

Top ↑

Source

File: wp-includes/deprecated.php

function wp_kses_js_entities( $content ) {
	_deprecated_function( __FUNCTION__, '4.7.0' );

	return preg_replace( '%&\s*\{[^}]*(\}\s*;?|$)%', '', $content );
}

Expand full source codeCollapse full source codeView on TracView on GitHub

Top ↑

Top ↑

Changelog

Changelog
VersionDescription
4.7.0Officially dropped security support for Netscape 4.
1.0.0Introduced.
Download the latest version of WordPress from https://wordpress.org/

The content displayed on this page has been created in part by processing WordPress source code files which are made available under the GPLv2 (or a later version) license by theĀ Free Software Foundation. In addition to this, the content includes user-written examples and information. All material is subject to review and curation by the WPPaste.com community.

Show More