filter_block_content( string $text, array[]|string $allowed_html = 'post', string[] $allowed_protocols = array() ): string

Filters and sanitizes block content to remove non-allowable HTML from parsed block attribute values.


$text string Required
Text that may contain block content.
$allowed_html array[]|string Optional
An array of allowed HTML elements and attributes, or a context name such as 'post'. See wp_kses_allowed_html() for the list of accepted context names. Default 'post'.

Default: 'post'

$allowed_protocols string[] Optional
Array of allowed URL protocols.
Defaults to the result of wp_allowed_protocols() .

Default: array()

Top ↑


string The filtered and sanitized content result.

Top ↑


File: wp-includes/blocks.php. View all references

function filter_block_content( $text, $allowed_html = 'post', $allowed_protocols = array() ) {
	$result = '';

	if ( str_contains( $text, '<!--' ) && str_contains( $text, '--->' ) ) {
		$text = preg_replace_callback( '%<!--(.*?)--->%', '_filter_block_content_callback', $text );

	$blocks = parse_blocks( $text );
	foreach ( $blocks as $block ) {
		$block   = filter_block_kses( $block, $allowed_html, $allowed_protocols );
		$result .= serialize_block( $block );

	return $result;

Top ↑


Version Description
5.3.1 Introduced.

Top ↑

User Contributed Notes

You must log in before being able to contribute a note or feedback.