Home Widgets

Embed Snippet on Your Site

<script src="https://library.wpcode.com/embedjs/r5plwl0o.js/"></script>

Cusdtom WP escape

One major difficulty with passing WordPress org security reviews is escaping late. This function may help.

Alan Fuller

<10

Code Preview

Comments

php


	`<?php`
	`function my_plugin_kses( $html ) {`
	`$kses_defaults = wp_kses_allowed_html( 'post' );`

	`$svg_args = array(`
	`'svg' => array(`
	`'class' => true,`
	`'aria-hidden' => true,`
	`'aria-labelledby' => true,`
	`'role' => true,`
	`'xmlns' => true,`
	`'fill' => true,`
	`'width' => true,`
	`'height' => true,`
	`'viewbox' => true // <= Must be lower case!`
	`),`
	`'g' => array( 'fill' => true ),`
	`'title' => array( 'title' => true ),`
	`'path' => array(`
	`'d' => true,`
	`'fill' => true,`
	`),`
	`'form' => array(`
	`'class' => true,`
	`'action' => true,`
	`'method' => true,`
	`'enctype' => true,`
	`'id' => true,`
	`),`
	`'input' =>`
	`array(`
	`'class' => true,`
	`'name' => true,`
	`'type' => true,`
	`'value' => true,`
	`'selected' => true,`
	`'required' => true,`
	`),`
	`'select' =>`
	`array(`
	`'class' => true,`
	`'name' => true,`
	`),`
	`'option' =>`
	`array(`
	`'class' => true,`
	`'value' => true,`
	`'selected' => true,`
	`),`
	`);`

	`$allowed_tags = array_merge( $kses_defaults, $svg_args );`

	`return wp_kses( $html, $allowed_tags );`
	`}`

function my_plugin_kses( $html ) {        
        $kses_defaults = wp_kses_allowed_html( 'post' );

	$svg_args = array(
		'svg'    => array(
			'class'           => true,
			'aria-hidden'     => true,
			'aria-labelledby' => true,
			'role'            => true,
			'xmlns'           => true,
			'fill'            => true,
			'width'           => true,
			'height'          => true,
			'viewbox'         => true // <= Must be lower case!
		),
		'g'      => array( 'fill' => true ),
		'title'  => array( 'title' => true ),
		'path'   => array(
			'd'    => true,
			'fill' => true,
		),
		'form'   => array(
			'class' => true,
			'action' => true,
			'method' => true,
			'enctype' => true,
			'id' => true,
		),
		'input' =>
			array(
				'class' => true,
				'name'  => true,
				'type'  => true,
				'value' => true,
                                'selected' => true,
                                'required' => true,
			),
		'select' =>
			array(
				'class' => true,
				'name'  => true,
			),
		'option' =>
			array(
				'class' => true,
				'value' => true,
                                'selected' => true,
			),
	);

	$allowed_tags = array_merge( $kses_defaults, $svg_args );

	return wp_kses( $html, $allowed_tags );
}

Embed Snippet on Your Site

Cusdtom WP escape

Comments

Add a Comment Cancel Reply