May 16, 2016 - No Comments!

How to add allowed html tags on WordPress

WordPress is making great strides in security, but sometimes we need more control over the HTML tags allowed to be used in comment and post content.

Are you ready? Let's take a look to "wp_kses_allowed_html" filter, to add more allowed html tags to use in your WordPress themes and plugins.

KSES is an HTML filtering system used by WordPress to seek through variables looking for HTML, it strip all HTML tags except the allowed ones. This functionality was implemented to prevent intruders can inject malicious code in your WordPress site; great, isn't it? 🙂

According to the WordPress Codex the wp_kses_allowed_html function returns an array with all the html tags allowed on WordPress, but, as you can see, their are very few.

For example, to get all the tags allowed on the post context you can use the code below:

$allowed_tags = wp_kses_allowed_html( 'post' );
var_dump( $allowed_tags );

Well, now imagine that you want to add some new tags to the list of those permitted to do so we will use the specific hook "wp_kses_allowed_html", a sample code is shown to follow:

if(!function_exists('thmlv_add_allowed_tags')) {
function thmlv_add_allowed_tags($tags) {
$tags['time'] = array(
'datetime' => true,
);
$tags['span'] = array(
'class' => true,
'id' => true
);
$tags['a'] = array(
'class' => true,
'id' => true,
'href' => true
);
return $tags;
}
add_filter('wp_kses_allowed_html', 'thmlv_add_allowed_tags');
}

As you can see the function contains an array of tags, and each tag contains an array of allowed parameters; you can add any tag and its parameters to fit your needed.

Please, note that i suggest you to be careful before alter the list of allowed HTML tags, add only the ones you really need to avoid security holes on your WordPress site. Remember that with the function above you'll permit the tags chosen to be used in your post content, but also in all post comments!

Do you like this article? If so, how about sharing it?

 

Cheers 🙂

RelatedPost

Published by: Themelovin in Code
Tags: , ,

Leave a Reply