Title: WP_SimplePie_Sanitize_KSES Published: April 25, 2014 Last modified: May 20, 2026 --- # class WP_SimplePie_Sanitize_KSES {} ## In this article * [Description](https://developer.wordpress.org/reference/classes/wp_simplepie_sanitize_kses/?output_format=md#description) * [Methods](https://developer.wordpress.org/reference/classes/wp_simplepie_sanitize_kses/?output_format=md#methods) * [Source](https://developer.wordpress.org/reference/classes/wp_simplepie_sanitize_kses/?output_format=md#source) * [Changelog](https://developer.wordpress.org/reference/classes/wp_simplepie_sanitize_kses/?output_format=md#changelog) [ Back to top](https://developer.wordpress.org/reference/classes/wp_simplepie_sanitize_kses/?output_format=md#wp--skip-link--target) Core class used to implement SimplePie feed sanitization. ## 󠀁[Description](https://developer.wordpress.org/reference/classes/wp_simplepie_sanitize_kses/?output_format=md#description)󠁿 Extends the SimplePie\Sanitize class to use KSES, because we cannot universally count on DOMDocument being available. ## 󠀁[Methods](https://developer.wordpress.org/reference/classes/wp_simplepie_sanitize_kses/?output_format=md#methods)󠁿 | Name | Description | | [WP_SimplePie_Sanitize_KSES::sanitize](https://developer.wordpress.org/reference/classes/wp_simplepie_sanitize_kses/sanitize/) | WordPress SimplePie sanitization using KSES. | ## 󠀁[Source](https://developer.wordpress.org/reference/classes/wp_simplepie_sanitize_kses/?output_format=md#source)󠁿 ```php #[AllowDynamicProperties] class WP_SimplePie_Sanitize_KSES extends SimplePie\Sanitize { /** * WordPress SimplePie sanitization using KSES. * * Sanitizes the incoming data, to ensure that it matches the type of data expected, using KSES. * * @since 3.5.0 * * @param mixed $data The data that needs to be sanitized. * @param int $type The type of data that it's supposed to be. * @param string $base Optional. The `xml:base` value to use when converting relative * URLs to absolute ones. Default empty. * @return mixed Sanitized data. */ public function sanitize( $data, $type, $base = '' ) { $data = trim( $data ); if ( $type & SimplePie\SimplePie::CONSTRUCT_MAYBE_HTML ) { if ( preg_match( '/(&(#(x[0-9a-fA-F]+|[0-9]+)|[a-zA-Z0-9]+)|<\/[A-Za-z][^\x09\x0A\x0B\x0C\x0D\x20\x2F\x3E]*' . SIMPLEPIE_PCRE_HTML_ATTRIBUTE . '>)/', $data ) ) { $type |= SimplePie\SimplePie::CONSTRUCT_HTML; } else { $type |= SimplePie\SimplePie::CONSTRUCT_TEXT; } } if ( $type & SimplePie\SimplePie::CONSTRUCT_BASE64 ) { $data = base64_decode( $data ); } if ( $type & ( SimplePie\SimplePie::CONSTRUCT_HTML | \SimplePie\SimplePie::CONSTRUCT_XHTML ) ) { $data = wp_kses_post( $data ); if ( 'UTF-8' !== $this->output_encoding ) { $data = $this->registry->call( 'Misc', 'change_encoding', array( $data, 'UTF-8', $this->output_encoding ) ); } return $data; } else { return parent::sanitize( $data, $type, $base ); } } } ``` [View all references](https://developer.wordpress.org/reference/files/wp-includes/class-wp-simplepie-sanitize-kses.php/) [View on Trac](https://core.trac.wordpress.org/browser/tags/7.0/src/wp-includes/class-wp-simplepie-sanitize-kses.php#L23) [View on GitHub](https://github.com/WordPress/wordpress-develop/blob/7.0/src/wp-includes/class-wp-simplepie-sanitize-kses.php#L23-L61) ## 󠀁[Changelog](https://developer.wordpress.org/reference/classes/wp_simplepie_sanitize_kses/?output_format=md#changelog)󠁿 | Version | Description | | [3.5.0](https://developer.wordpress.org/reference/since/3.5.0/) | Introduced. | ## User Contributed Notes You must [log in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fdeveloper.wordpress.org%2Freference%2Fclasses%2Fwp_simplepie_sanitize_kses%2F) before being able to contribute a note or feedback.