W3cubDocs

/WordPress

filter_block_kses_value( string[]|string $value, array[]|string $allowed_html, string[] $allowed_protocols = array(), array $block_context = null ): string[]|string

Filters and sanitizes a parsed block attribute value to remove non-allowable HTML.

Parameters

$valuestring[]|stringrequired: The attribute value to filter.
$allowed_htmlarray[]|stringrequired: An array of allowed HTML elements and attributes, or a context name such as 'post'. See wp_kses_allowed_html() for the list of accepted context names.
$allowed_protocolsstring[]optional: Array of allowed URL protocols.
Defaults to the result of wp_allowed_protocols() .

Default:array()
$block_contextarrayoptional: The block the attribute belongs to, in parsed block array format.

Default:null

Return

string[]|string The filtered and sanitized result.

Source

function filter_block_kses_value( $value, $allowed_html, $allowed_protocols = array(), $block_context = null ) {
	if ( is_array( $value ) ) {
		foreach ( $value as $key => $inner_value ) {
			$filtered_key   = filter_block_kses_value( $key, $allowed_html, $allowed_protocols, $block_context );
			$filtered_value = filter_block_kses_value( $inner_value, $allowed_html, $allowed_protocols, $block_context );

			if ( isset( $block_context['blockName'] ) && 'core/template-part' === $block_context['blockName'] ) {
				$filtered_value = filter_block_core_template_part_attributes( $filtered_value, $filtered_key, $allowed_html );
			}
			if ( $filtered_key !== $key ) {
				unset( $value[ $key ] );
			}

			$value[ $filtered_key ] = $filtered_value;
		}
	} elseif ( is_string( $value ) ) {
		return wp_kses( $value, $allowed_html, $allowed_protocols );
	}

	return $value;
}

View all references View on Trac View on GitHub

Changelog

Version	Description
6.5.5	Added the `$block_context` parameter.
5.3.1	Introduced.

© 2003–2024 WordPress Foundation
Licensed under the GNU GPLv2+ License.
https://developer.wordpress.org/reference/functions/filter_block_kses_value