wpseek.com
Uma área de pesquisa sobre o WordPress para devs e autores do tema
wp_kses_bad_protocol › WordPress Function
Desde1.0.0
Obsoleton/a
› wp_kses_bad_protocol ( $content, $allowed_protocols )
Parâmetros: (2) |
|
Retorna: |
|
Definido em: |
|
Codex: |
Sanitizes a string and removed disallowed URL protocols.
This function removes all non-allowed protocols from the beginning of the string. It ignores whitespace and the case of the letters, and it does understand HTML entities. It does its work recursively, so it won't be fooled by a string likejavascript:javascript:alert(57)
.Funções relacionadas: wp_kses_bad_protocol_once, wp_allowed_protocols, wp_kses_post, wp_get_server_protocol, wp_kses_allowed_html
Fonte
function wp_kses_bad_protocol( $content, $allowed_protocols ) { $content = wp_kses_no_null( $content ); // Short-circuit if the string starts with `https://` or `http://`. Most common cases. if ( ( str_starts_with( $content, 'https://' ) && in_array( 'https', $allowed_protocols, true ) ) || ( str_starts_with( $content, 'http://' ) && in_array( 'http', $allowed_protocols, true ) ) ) { return $content; } $iterations = 0; do { $original_content = $content; $content = wp_kses_bad_protocol_once( $content, $allowed_protocols ); } while ( $original_content !== $content && ++$iterations < 6 ); if ( $original_content !== $content ) { return ''; } return $content; }