filter_block_content() - Filters and sanitizes block content to remove non-allowable HTML from parsed block attribute values.

filter_block_content() – Filters and sanitizes block content to remove non-allowable HTML from parsed block attribute values.

You appear to be a bot. Output may be restricted

Description

Filters and sanitizes block content to remove non-allowable HTML from parsed block attribute values.

Usage

$string = filter_block_content( $text, $allowed_html, $allowed_protocols );

Parameters

$text: ( string ) required – Text that may contain block content.
$allowed_html: ( array[]|string ) optional default: post – Optional. An array of allowed HTML elements and attributes, or a context name such as 'post'. See wp_kses_allowed_html() for the list of accepted context names. Default 'post'.
$allowed_protocols: ( string[] ) optional – Optional. Array of allowed URL protocols. Defaults to the result of wp_allowed_protocols().

Returns

string The filtered and sanitized content result.

Source

File name: wordpress/wp-includes/blocks.php

Lines:

1 to 19 of 19

function filter_block_content( $text, $allowed_html = 'post', $allowed_protocols = array() ) {
  $result = '';

  if ( str_contains( $text, '<!--' ) && str_contains( $text, '--->' ) ) {
    $text = preg_replace_callback( '%<!--(.*?)--->%', '_filter_block_content_callback', $text );
  }

  $blocks = parse_blocks( $text );
  foreach ( $blocks as $block ) {
    $block   = filter_block_kses( $block, $allowed_html, $allowed_protocols );
    $result .= serialize_block( $block );
  }

  return $result;
}

View on GitHub View on Trac