wp_kses_bad_protocol_once( string $content, string[] $allowed_protocols, int $count = 1 ): string

Sanitizes content from bad protocols and other characters.

Description
Parameters
Return
Source
Related
- Uses
- Used By
Changelog
User Contributed Notes

Description

This function searches for URL protocols at the beginning of the string, while handling whitespace and HTML entities.

Top ↑

Parameters

$content string Required: Content to check for bad protocols.
$allowed_protocols string[] Required: Array of allowed URL protocols.
$count int Optional: Depth of call recursion to this function.

Default: 1

Top ↑

Return

string Sanitized content.

Top ↑

Source

File: wp-includes/kses.php. View all references

function wp_kses_bad_protocol_once( $content, $allowed_protocols, $count = 1 ) {
	$content  = preg_replace( '/(&#0*58(?![;0-9])|&#x0*3a(?![;a-f0-9]))/i', '$1;', $content );
	$content2 = preg_split( '/:|&#0*58;|&#x0*3a;|&colon;/i', $content, 2 );

	if ( isset( $content2[1] ) && ! preg_match( '%/\?%', $content2[0] ) ) {
		$content  = trim( $content2[1] );
		$protocol = wp_kses_bad_protocol_once2( $content2[0], $allowed_protocols );
		if ( 'feed:' === $protocol ) {
			if ( $count > 2 ) {
				return '';
			}
			$content = wp_kses_bad_protocol_once( $content, $allowed_protocols, ++$count );
			if ( empty( $content ) ) {
				return $content;
			}
		}
		$content = $protocol . $content;
	}

	return $content;
}

View on Trac View on GitHub

Top ↑

Uses

Uses
Uses	Description
wp_kses_bad_protocol_once() wp-includes/kses.php	Sanitizes content from bad protocols and other characters.

Top ↑

Used By

Used By
Used By	Description
wp_kses_bad_protocol() wp-includes/kses.php	Sanitizes a string and removed disallowed URL protocols.
wp_kses_bad_protocol_once() wp-includes/kses.php	Sanitizes content from bad protocols and other characters.