Source
File: wp-includes/formatting.php
function wp_targeted_link_rel_callback( $matches ) {
$link_html = $matches[1];
$original_link_html = $link_html;
// Consider the HTML escaped if there are no unescaped quotes.
$is_escaped = ! preg_match( '/(^|[^\\\\])[\'"]/', $link_html );
if ( $is_escaped ) {
// Replace only the quotes so that they are parsable by wp_kses_hair(), leave the rest as is.
$link_html = preg_replace( '/\\\\([\'"])/', '$1', $link_html );
}
$atts = wp_kses_hair( $link_html, wp_allowed_protocols() );
/**
* Filters the rel values that are added to links with `target` attribute.
*
* @since 5.1.0
*
* @param string $rel The rel values.
* @param string $link_html The matched content of the link tag including all HTML attributes.
*/
$rel = apply_filters( 'wp_targeted_link_rel', 'noopener noreferrer', $link_html );
// Return early if no rel values to be added or if no actual target attribute.
if ( ! $rel || ! isset( $atts['target'] ) ) {
return "<a $original_link_html>";
}
if ( isset( $atts['rel'] ) ) {
$all_parts = preg_split( '/\s/', "{$atts['rel']['value']} $rel", -1, PREG_SPLIT_NO_EMPTY );
$rel = implode( ' ', array_unique( $all_parts ) );
}
$atts['rel']['whole'] = 'rel="' . esc_attr( $rel ) . '"';
$link_html = join( ' ', array_column( $atts, 'whole' ) );
if ( $is_escaped ) {
$link_html = preg_replace( '/[\'"]/', '\\\\$0', $link_html );
}
return "<a $link_html>";
}