Title: wp_kses_allowed_html
Published: April 25, 2014
Last modified: February 24, 2026

---

# wp_kses_allowed_html( string|array $context ): array

## In this article

 * [Parameters](https://developer.wordpress.org/reference/functions/wp_kses_allowed_html/?output_format=md#parameters)
 * [Return](https://developer.wordpress.org/reference/functions/wp_kses_allowed_html/?output_format=md#return)
 * [More Information](https://developer.wordpress.org/reference/functions/wp_kses_allowed_html/?output_format=md#more-information)
 * [Source](https://developer.wordpress.org/reference/functions/wp_kses_allowed_html/?output_format=md#source)
 * [Hooks](https://developer.wordpress.org/reference/functions/wp_kses_allowed_html/?output_format=md#hooks)
 * [Related](https://developer.wordpress.org/reference/functions/wp_kses_allowed_html/?output_format=md#related)
 * [Changelog](https://developer.wordpress.org/reference/functions/wp_kses_allowed_html/?output_format=md#changelog)
 * [User Contributed Notes](https://developer.wordpress.org/reference/functions/wp_kses_allowed_html/?output_format=md#user-contributed-notes)

[ Back to top](https://developer.wordpress.org/reference/functions/wp_kses_allowed_html/?output_format=md#wp--skip-link--target)

Returns an array of allowed HTML tags and attributes for a given context.

## 󠀁[Parameters](https://developer.wordpress.org/reference/functions/wp_kses_allowed_html/?output_format=md#parameters)󠁿

 `$context`string|arrayrequired

The context for which to retrieve tags. Allowed values are `'post'`, `'strip'`, `'
data'`, `'entities'`, or the name of a field filter such as `'pre_user_description'`,
or an array of allowed HTML elements and attributes.

## 󠀁[Return](https://developer.wordpress.org/reference/functions/wp_kses_allowed_html/?output_format=md#return)󠁿

 array Array of allowed HTML tags and their allowed attributes.

## 󠀁[More Information](https://developer.wordpress.org/reference/functions/wp_kses_allowed_html/?output_format=md#more-information)󠁿

The Return value is a multidimensional array with the tag name as the key and an
array of attributes as the value.

## 󠀁[Source](https://developer.wordpress.org/reference/functions/wp_kses_allowed_html/?output_format=md#source)󠁿

    ```php
    function wp_kses_allowed_html( $context = '' ) {
    	global $allowedposttags, $allowedtags, $allowedentitynames;

    	if ( is_array( $context ) ) {
    		// When `$context` is an array it's actually an array of allowed HTML elements and attributes.
    		$html    = $context;
    		$context = 'explicit';

    		/**
    		 * Filters the HTML tags that are allowed for a given context.
    		 *
    		 * HTML tags and attribute names are case-insensitive in HTML but must be
    		 * added to the KSES allow list in lowercase. An item added to the allow list
    		 * in upper or mixed case will not recognized as permitted by KSES.
    		 *
    		 * @since 3.5.0
    		 *
    		 * @param array[] $html    Allowed HTML tags.
    		 * @param string  $context Context name.
    		 */
    		return apply_filters( 'wp_kses_allowed_html', $html, $context );
    	}

    	switch ( $context ) {
    		case 'post':
    			/** This filter is documented in wp-includes/kses.php */
    			$tags = apply_filters( 'wp_kses_allowed_html', $allowedposttags, $context );

    			// 5.0.1 removed the `<form>` tag, allow it if a filter is allowing it's sub-elements `<input>` or `<select>`.
    			if ( ! CUSTOM_TAGS && ! isset( $tags['form'] ) && ( isset( $tags['input'] ) || isset( $tags['select'] ) ) ) {
    				$tags = $allowedposttags;

    				$tags['form'] = array(
    					'action'         => true,
    					'accept'         => true,
    					'accept-charset' => true,
    					'enctype'        => true,
    					'method'         => true,
    					'name'           => true,
    					'target'         => true,
    				);

    				/** This filter is documented in wp-includes/kses.php */
    				$tags = apply_filters( 'wp_kses_allowed_html', $tags, $context );
    			}

    			return $tags;

    		case 'user_description':
    		case 'pre_term_description':
    		case 'pre_user_description':
    			$tags                = $allowedtags;
    			$tags['a']['rel']    = true;
    			$tags['a']['target'] = true;
    			/** This filter is documented in wp-includes/kses.php */
    			return apply_filters( 'wp_kses_allowed_html', $tags, $context );

    		case 'strip':
    			/** This filter is documented in wp-includes/kses.php */
    			return apply_filters( 'wp_kses_allowed_html', array(), $context );

    		case 'entities':
    			/** This filter is documented in wp-includes/kses.php */
    			return apply_filters( 'wp_kses_allowed_html', $allowedentitynames, $context );

    		case 'data':
    		default:
    			/** This filter is documented in wp-includes/kses.php */
    			return apply_filters( 'wp_kses_allowed_html', $allowedtags, $context );
    	}
    }
    ```

[View all references](https://developer.wordpress.org/reference/files/wp-includes/kses.php/)
[View on Trac](https://core.trac.wordpress.org/browser/tags/6.9.4/src/wp-includes/kses.php#L1060)
[View on GitHub](https://github.com/WordPress/wordpress-develop/blob/6.9.4/src/wp-includes/kses.php#L1060-L1130)

## 󠀁[Hooks](https://developer.wordpress.org/reference/functions/wp_kses_allowed_html/?output_format=md#hooks)󠁿

 [apply_filters( ‘wp_kses_allowed_html’, array[] $html, string $context )](https://developer.wordpress.org/reference/hooks/wp_kses_allowed_html/)

Filters the HTML tags that are allowed for a given context.

## 󠀁[Related](https://developer.wordpress.org/reference/functions/wp_kses_allowed_html/?output_format=md#related)󠁿

| Uses | Description | 
| [apply_filters()](https://developer.wordpress.org/reference/functions/apply_filters/)`wp-includes/plugin.php` |

Calls the callback functions that have been added to a filter hook.

  |

| Used by | Description | 
| [filter_block_core_template_part_attributes()](https://developer.wordpress.org/reference/functions/filter_block_core_template_part_attributes/)`wp-includes/blocks.php` |

Sanitizes the value of the Template Part block’s `tagName` attribute.

  | 
| [wp_get_code_editor_settings()](https://developer.wordpress.org/reference/functions/wp_get_code_editor_settings/)`wp-includes/general-template.php` |

Generates and returns code editor settings.

  | 
| [WP_Widget_Custom_HTML::render_control_template_scripts()](https://developer.wordpress.org/reference/classes/wp_widget_custom_html/render_control_template_scripts/)`wp-includes/widgets/class-wp-widget-custom-html.php` |

Render form template scripts.

  | 
| [wp_kses_one_attr()](https://developer.wordpress.org/reference/functions/wp_kses_one_attr/)`wp-includes/kses.php` |

Filters one HTML attribute and ensures its value is allowed.

  | 
| [wp_kses_attr()](https://developer.wordpress.org/reference/functions/wp_kses_attr/)`wp-includes/kses.php` |

Removes all attributes, if none are allowed for this element.

  | 
| [gallery_shortcode()](https://developer.wordpress.org/reference/functions/gallery_shortcode/)`wp-includes/media.php` |

Builds the Gallery shortcode output.

  |

[Show 1 more](https://developer.wordpress.org/reference/functions/wp_kses_allowed_html/?output_format=md#)
[Show less](https://developer.wordpress.org/reference/functions/wp_kses_allowed_html/?output_format=md#)

## 󠀁[Changelog](https://developer.wordpress.org/reference/functions/wp_kses_allowed_html/?output_format=md#changelog)󠁿

| Version | Description | 
| [5.0.1](https://developer.wordpress.org/reference/since/5.0.1/) | `form` removed as allowable HTML tag. | 
| [3.5.0](https://developer.wordpress.org/reference/since/3.5.0/) | Introduced. |

## 󠀁[User Contributed Notes](https://developer.wordpress.org/reference/functions/wp_kses_allowed_html/?output_format=md#user-contributed-notes)󠁿

 1.  [Skip to note 2 content](https://developer.wordpress.org/reference/functions/wp_kses_allowed_html/?output_format=md#comment-content-3860)
 2.   [Steven Lin](https://profiles.wordpress.org/stevenlinx/)  [  6 years ago  ](https://developer.wordpress.org/reference/functions/wp_kses_allowed_html/#comment-3860)
 3. [You must log in to vote on the helpfulness of this note](https://login.wordpress.org?redirect_to=https%3A%2F%2Fdeveloper.wordpress.org%2Freference%2Ffunctions%2Fwp_kses_allowed_html%2F%23comment-3860)
    Vote results for this note: 6[You must log in to vote on the helpfulness of this note](https://login.wordpress.org?redirect_to=https%3A%2F%2Fdeveloper.wordpress.org%2Freference%2Ffunctions%2Fwp_kses_allowed_html%2F%23comment-3860)
 4. Example migrated from Codex:
 5.     ```php
        // strips all html (empty array)
        $allowed_html = wp_kses_allowed_html( 'strip' );
    
        // allows all most inline elements and strips all block level elements except blockquote
        $allowed_html = wp_kses_allowed_html( 'data' );
    
        // very permissive: allows pretty much all HTML to pass - same as what's normally applied to the_content by default
        $allowed_html = wp_kses_allowed_html( 'post' );
    
        // allows a list of HTML Entities such as  
        $allowed_html = wp_kses_allowed_html( 'entities' );
        ```
    
 6.  [Log in to add feedback](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fdeveloper.wordpress.org%2Freference%2Ffunctions%2Fwp_kses_allowed_html%2F%3Freplytocom%3D3860%23feedback-editor-3860)

You must [log in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fdeveloper.wordpress.org%2Freference%2Ffunctions%2Fwp_kses_allowed_html%2F)
before being able to contribute a note or feedback.