Opened 8 years ago
Last modified 8 years ago
#39724 new enhancement
Defining custom validation callbacks for tag/attribute values in wp_kses()
Reported by: |
|
Owned by: | |
---|---|---|---|
Milestone: | Awaiting Review | Priority: | normal |
Severity: | normal | Version: | 4.8 |
Component: | Formatting | Keywords: | |
Focuses: | Cc: |
Description
This patch allows to define a custom validation callbacks to check tag/attributres values in wp_kes()
etc.
The callbacks are defined through wp_kses_allowed_html
filter. If a tag and/or tag attribute is a callable function/method, then it will be used to check/validate/process the value, for example:
<?php add_filter( 'wp_kses_allowed_html', 'my_wp_kses_allowed_html_flter' ), 10, 2 ); function my_wp_kses_allowed_html_flter ( $tags, $context ) { $tags['span']['style'] = function ( $name, $value, $element ) { // return sanitized $value or empty to remove it return $value; }; // iframe callback $tags['iframe'] = function ( $element, $attr ) { // does something with complete attribute string or return empty to remove it return $attr; }; return $tags; }
While waiting for the core updates the list of allowed tags/attribitutes/values (for example for style
attribute, see #24157, #37134, #37248 and probaly many others), this enhancement could offer the possibility of having the fine control over every tag attributes value.
Regards
Attachments (3)
Change History (5)
Note: See
TracTickets for help on using
tickets.
I just updated the patch to the current trunk.