wp_allowed_protocols example

/** * Helper function used to build the "rel" attribute for a URL when creating an anchor using make_clickable(). * * @since 6.2.0 * * @param string $url The URL. * @return string The rel attribute for the anchor or an empty string if no rel attribute should be added. */
function _make_clickable_rel_attr( $url ) {
    $rel_parts        = array();
    $scheme           = strtolower( wp_parse_url( $url, PHP_URL_SCHEME ) );
    $nofollow_schemes = array_intersect( wp_allowed_protocols(), array( 'https', 'http' ) );

    // Apply "nofollow" to external links with qualifying URL schemes (mailto:, tel:, etc... shouldn't be followed).     if ( ! wp_is_internal_link( $url ) && in_array( $scheme$nofollow_schemes, true ) ) {
        $rel_parts[] = 'nofollow';
    }

    // Apply "ugc" when in comment context.     if ( 'comment_text' === current_filter() ) {
        $rel_parts[] = 'ugc';
    }

    

function wp_filter_oembed_iframe_title_attribute( $result$data$url ) {
    if ( false === $result || ! in_array( $data->type, array( 'rich', 'video' ), true ) ) {
        return $result;
    }

    $title = ! empty( $data->title ) ? $data->title : '';

    $pattern = '`<iframe([^>]*)>`i';
    if ( preg_match( $pattern$result$matches ) ) {
        $attrs = wp_kses_hair( $matches[1]wp_allowed_protocols() );

        foreach ( $attrs as $attr => $item ) {
            $lower_attr = strtolower( $attr );
            if ( $lower_attr === $attr ) {
                continue;
            }
            if ( ! isset( $attrs[ $lower_attr ] ) ) {
                $attrs[ $lower_attr ] = $item;
                unset( $attrs[ $attr ] );
            }
        }
    }

function wp_kses( $content$allowed_html$allowed_protocols = array() ) {
    if ( empty( $allowed_protocols ) ) {
        $allowed_protocols = wp_allowed_protocols();
    }

    $content = wp_kses_no_null( $content, array( 'slash_zero' => 'keep' ) );
    $content = wp_kses_normalize_entities( $content );
    $content = wp_kses_hook( $content$allowed_html$allowed_protocols );

    return wp_kses_split( $content$allowed_html$allowed_protocols );
}

/** * Filters one HTML attribute and ensures its value is allowed. * * This function can escape data in some situations where `wp_kses()` must strip the whole attribute. * * @since 4.2.3 * * @param string $attr The 'whole' attribute, including name and value. * @param string $element The HTML element name to which the attribute belongs. * @return string Filtered attribute. */

function wp_is_internal_link( $link ) {
    $link = strtolower( $link );
    if ( in_array( wp_parse_url( $link, PHP_URL_SCHEME )wp_allowed_protocols(), true ) ) {
        return in_array( wp_parse_url( $link, PHP_URL_HOST )wp_internal_hosts(), true );
    }
    return false;
}

    }

    if ( isset( $_POST['email'] ) ) {
        $user->user_email = sanitize_text_field( wp_unslash( $_POST['email'] ) );
    }
    if ( isset( $_POST['url'] ) ) {
        if ( empty( $_POST['url'] ) || 'http://' === $_POST['url'] ) {
            $user->user_url = '';
        } else {
            $user->user_url = sanitize_url( $_POST['url'] );
            $protocols      = implode( '|', array_map( 'preg_quote', wp_allowed_protocols() ) );
            $user->user_url = preg_match( '/^(' . $protocols . '):/is', $user->user_url ) ? $user->user_url : 'http://' . $user->user_url;
        }
    }
    if ( isset( $_POST['first_name'] ) ) {
        $user->first_name = sanitize_text_field( $_POST['first_name'] );
    }
    if ( isset( $_POST['last_name'] ) ) {
        $user->last_name = sanitize_text_field( $_POST['last_name'] );
    }
    if ( isset( $_POST['nickname'] ) ) {
        $user->nickname = sanitize_text_field( $_POST['nickname'] );
    }
Home | Imprint | This part of the site doesn't use cookies.