W3cubDocs

/WordPress

filter_block_content( string $text, array[]|string $allowed_html = ‘post’, string[] $allowed_protocols = array() ): string

Filters and sanitizes block content to remove non-allowable HTML from parsed block attribute values.

Parameters

$textstringrequired: Text that may contain block content.
$allowed_htmlarray[]|stringoptional: An array of allowed HTML elements and attributes, or a context name such as 'post'. See wp_kses_allowed_html() for the list of accepted context names. Default 'post'.

Default:'post'
$allowed_protocolsstring[]optional: Array of allowed URL protocols.
Defaults to the result of wp_allowed_protocols() .

Default:array()

Return

string The filtered and sanitized content result.

Source

function filter_block_content( $text, $allowed_html = 'post', $allowed_protocols = array() ) {
	$result = '';

	if ( str_contains( $text, '<!--' ) && str_contains( $text, '--->' ) ) {
		$text = preg_replace_callback( '%<!--(.*?)--->%', '_filter_block_content_callback', $text );
	}

	$blocks = parse_blocks( $text );
	foreach ( $blocks as $block ) {
		$block   = filter_block_kses( $block, $allowed_html, $allowed_protocols );
		$result .= serialize_block( $block );
	}

	return $result;
}

View all references View on Trac View on GitHub

Changelog

Version	Description
5.3.1	Introduced.

© 2003–2024 WordPress Foundation
Licensed under the GNU GPLv2+ License.
https://developer.wordpress.org/reference/functions/filter_block_content