Title: wp_kses_bad_protocol_once Published: April 25, 2014 Last modified: May 20, 2026 --- # wp_kses_bad_protocol_once( string $content, string[] $allowed_protocols, int $count = 1 ): string ## In this article * [Description](https://developer.wordpress.org/reference/functions/wp_kses_bad_protocol_once/?output_format=md#description) * [Parameters](https://developer.wordpress.org/reference/functions/wp_kses_bad_protocol_once/?output_format=md#parameters) * [Return](https://developer.wordpress.org/reference/functions/wp_kses_bad_protocol_once/?output_format=md#return) * [Source](https://developer.wordpress.org/reference/functions/wp_kses_bad_protocol_once/?output_format=md#source) * [Related](https://developer.wordpress.org/reference/functions/wp_kses_bad_protocol_once/?output_format=md#related) * [Changelog](https://developer.wordpress.org/reference/functions/wp_kses_bad_protocol_once/?output_format=md#changelog) [ Back to top](https://developer.wordpress.org/reference/functions/wp_kses_bad_protocol_once/?output_format=md#wp--skip-link--target) Sanitizes content from bad protocols and other characters. ## 󠀁[Description](https://developer.wordpress.org/reference/functions/wp_kses_bad_protocol_once/?output_format=md#description)󠁿 This function searches for URL protocols at the beginning of the string, while handling whitespace and HTML entities. ## 󠀁[Parameters](https://developer.wordpress.org/reference/functions/wp_kses_bad_protocol_once/?output_format=md#parameters)󠁿 `$content`stringrequired Content to check for bad protocols. `$allowed_protocols`string[]required Array of allowed URL protocols. `$count`intoptional Depth of call recursion to this function. Default:`1` ## 󠀁[Return](https://developer.wordpress.org/reference/functions/wp_kses_bad_protocol_once/?output_format=md#return)󠁿 string Sanitized content. ## 󠀁[Source](https://developer.wordpress.org/reference/functions/wp_kses_bad_protocol_once/?output_format=md#source)󠁿 ```php function wp_kses_bad_protocol_once( $content, $allowed_protocols, $count = 1 ) { $content = preg_replace( '/(�*58(?![;0-9])|�*3a(?![;a-f0-9]))/i', '$1;', $content ); $content2 = preg_split( '/:|�*58;|�*3a;|:/i', $content, 2 ); if ( isset( $content2[1] ) && ! preg_match( '%/\?%', $content2[0] ) ) { $content = trim( $content2[1] ); $protocol = wp_kses_bad_protocol_once2( $content2[0], $allowed_protocols ); if ( 'feed:' === $protocol ) { if ( $count > 2 ) { return ''; } $content = wp_kses_bad_protocol_once( $content, $allowed_protocols, ++$count ); if ( empty( $content ) ) { return $content; } } $content = $protocol . $content; } return $content; } ``` [View all references](https://developer.wordpress.org/reference/files/wp-includes/kses.php/) [View on Trac](https://core.trac.wordpress.org/browser/tags/7.0/src/wp-includes/kses.php#L2010) [View on GitHub](https://github.com/WordPress/wordpress-develop/blob/7.0/src/wp-includes/kses.php#L2010-L2030) ## 󠀁[Related](https://developer.wordpress.org/reference/functions/wp_kses_bad_protocol_once/?output_format=md#related)󠁿 | Uses | Description | | [wp_kses_bad_protocol_once()](https://developer.wordpress.org/reference/functions/wp_kses_bad_protocol_once/)`wp-includes/kses.php` | Sanitizes content from bad protocols and other characters. | | Used by | Description | | [wp_kses_bad_protocol()](https://developer.wordpress.org/reference/functions/wp_kses_bad_protocol/)`wp-includes/kses.php` | Sanitizes a string and removed disallowed URL protocols. | | [wp_kses_bad_protocol_once()](https://developer.wordpress.org/reference/functions/wp_kses_bad_protocol_once/)`wp-includes/kses.php` | Sanitizes content from bad protocols and other characters. | ## 󠀁[Changelog](https://developer.wordpress.org/reference/functions/wp_kses_bad_protocol_once/?output_format=md#changelog)󠁿 | Version | Description | | [1.0.0](https://developer.wordpress.org/reference/since/1.0.0/) | Introduced. | ## User Contributed Notes You must [log in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fdeveloper.wordpress.org%2Freference%2Ffunctions%2Fwp_kses_bad_protocol_once%2F) before being able to contribute a note or feedback.