filter_block_content( string $text, array[]|string $allowed_html = 'post', string[] $allowed_protocols = array() ): string

Filters and sanitizes block content to remove non-allowable HTML from parsed block attribute values.

Contents

Parameters

$text string Required
Text that may contain block content.
$allowed_html array[]|string Optional
An array of allowed HTML elements and attributes, or a context name such as 'post'. See wp_kses_allowed_html() for the list of accepted context names. Default 'post'.

Default: 'post'

$allowed_protocols string[] Optional
Array of allowed URL protocols.
Defaults to the result of wp_allowed_protocols() .

Default: array()

Top ↑

Return

string The filtered and sanitized content result.

Top ↑

Source

File: wp-includes/blocks.php. View all references 

function filter_block_content( $text, $allowed_html = 'post', $allowed_protocols = array() ) {
	$result = '';

	if ( str_contains( $text, '<!--' ) && str_contains( $text, '--->' ) ) {
		$text = preg_replace_callback( '%<!--(.*?)--->%', '_filter_block_content_callback', $text );
	}

	$blocks = parse_blocks( $text );
	foreach ( $blocks as $block ) {
		$block   = filter_block_kses( $block, $allowed_html, $allowed_protocols );
		$result .= serialize_block( $block );
	}

	return $result;
}

View on Trac View on GitHub

Top ↑

Top ↑

Uses

Uses
Uses Description
filter_block_kses() wp-includes/blocks.php

Filters and sanitizes a parsed block to remove non-allowable HTML from block attribute values.
serialize_block() wp-includes/blocks.php

Returns the content of a block, including comment delimiters, serializing all attributes from the given parsed block.
parse_blocks() wp-includes/blocks.php

Parses blocks out of a content string.

Top ↑

Changelog

Changelog
Version Description
5.3.1 Introduced.

Top ↑

User Contributed Notes

You must log in before being able to contribute a note or feedback.