Filters and sanitizes block content to remove non-allowable HTML from parsed block attribute values.
Parameters
$text
stringrequired- Text that may contain block content.
$allowed_html
array[]|stringoptional- An array of allowed HTML elements and attributes, or a context name such as
'post'
. See wp_kses_allowed_html() for the list of accepted context names. Default'post'
.Default:
'post'
$allowed_protocols
string[]optional- Array of allowed URL protocols.
Defaults to the result of wp_allowed_protocols() .Default:
array()
Source
function filter_block_content( $text, $allowed_html = 'post', $allowed_protocols = array() ) {
$result = '';
if ( str_contains( $text, '<!--' ) && str_contains( $text, '--->' ) ) {
$text = preg_replace_callback( '%<!--(.*?)--->%', '_filter_block_content_callback', $text );
}
$blocks = parse_blocks( $text );
foreach ( $blocks as $block ) {
$block = filter_block_kses( $block, $allowed_html, $allowed_protocols );
$result .= serialize_block( $block );
}
return $result;
}
Changelog
Version | Description |
---|---|
5.3.1 | Introduced. |
User Contributed Notes
You must log in before being able to contribute a note or feedback.