wp_kses_allowed_html( string|array $context = '' )

Returns an array of allowed HTML tags and attributes for a given context.

Contents

Description Description

Parameters Parameters

$context

(string|array) (Optional) The context for which to retrieve tags. Allowed values are 'post', 'strip', 'data', 'entities', or the name of a field filter such as 'pre_user_description'.

Default value: ''

Top ↑

Return Return

(array) Array of allowed HTML tags and their allowed attributes.

Top ↑

Source Source

File: wp-includes/kses.php 

function wp_kses_allowed_html( $context = '' ) {
	global $allowedposttags, $allowedtags, $allowedentitynames;

	if ( is_array( $context ) ) {
		/**
		 * Filters the HTML that is allowed for a given context.
		 *
		 * @since 3.5.0
		 *
		 * @param array[]|string $context      Context to judge allowed tags by.
		 * @param string         $context_type Context name.
		 */
		return apply_filters( 'wp_kses_allowed_html', $context, 'explicit' );
	}

	switch ( $context ) {
		case 'post':
			/** This filter is documented in wp-includes/kses.php */
			$tags = apply_filters( 'wp_kses_allowed_html', $allowedposttags, $context );

			// 5.0.1 removed the `<form>` tag, allow it if a filter is allowing it's sub-elements `<input>` or `<select>`.
			if ( ! CUSTOM_TAGS && ! isset( $tags['form'] ) && ( isset( $tags['input'] ) || isset( $tags['select'] ) ) ) {
				$tags = $allowedposttags;

				$tags['form'] = array(
					'action'         => true,
					'accept'         => true,
					'accept-charset' => true,
					'enctype'        => true,
					'method'         => true,
					'name'           => true,
					'target'         => true,
				);

				/** This filter is documented in wp-includes/kses.php */
				$tags = apply_filters( 'wp_kses_allowed_html', $tags, $context );
			}

			return $tags;

		case 'user_description':
		case 'pre_user_description':
			$tags             = $allowedtags;
			$tags['a']['rel'] = true;
			/** This filter is documented in wp-includes/kses.php */
			return apply_filters( 'wp_kses_allowed_html', $tags, $context );

		case 'strip':
			/** This filter is documented in wp-includes/kses.php */
			return apply_filters( 'wp_kses_allowed_html', array(), $context );

		case 'entities':
			/** This filter is documented in wp-includes/kses.php */
			return apply_filters( 'wp_kses_allowed_html', $allowedentitynames, $context );

		case 'data':
		default:
			/** This filter is documented in wp-includes/kses.php */
			return apply_filters( 'wp_kses_allowed_html', $allowedtags, $context );
	}
}

Expand full source code Collapse full source code View on Trac

Top ↑

Changelog Changelog

Changelog
Version Description
5.0.1 form removed as allowable HTML tag.
3.5.0 Introduced.

Top ↑

Top ↑

Uses Uses

Uses
Uses Description
wp-includes/kses.php: wp_kses_allowed_html

Filters the HTML that is allowed for a given context.
wp-includes/plugin.php: apply_filters()

Calls the callback functions that have been added to a filter hook.

Top ↑

Used By Used By

Used By
Used By Description
wp-includes/general-template.php: wp_get_code_editor_settings()

Generate and return code editor settings.
wp-includes/widgets/class-wp-widget-custom-html.php: WP_Widget_Custom_HTML::render_control_template_scripts()

Render form template scripts.
wp-includes/kses.php: wp_kses_one_attr()

Filters one HTML attribute and ensures its value is allowed.
wp-includes/kses.php: wp_kses_attr()

Removes all attributes, if none are allowed for this element.
wp-includes/media.php: gallery_shortcode()

Builds the Gallery shortcode output.

Top ↑

User Contributed Notes User Contributed Notes

You must log in before being able to contribute a note or feedback.