[wp-trac] [WordPress Trac] #39724: Defining custom validation callbacks for tag/attribute values in wp_kes()

[WordPress Trac]

#39724: Defining custom validation callbacks for tag/attribute values in wp_kes()
-------------------------------+-----------------------------
 Reporter:  enrico.sorcinelli  |      Owner:
     Type:  enhancement        |     Status:  new
 Priority:  normal             |  Milestone:  Awaiting Review
Component:  Formatting         |    Version:  trunk
 Severity:  normal             |   Keywords:
  Focuses:                     |
-------------------------------+-----------------------------
 This patch allows to define a custom validation callbacks to check
 tag/attributres values in `wp_kes()` etc.

 The callbacks are defined through `wp_kses_allowed_html` filter. If a tag
 and/or tag attribute is a callable function/method, then it will be used
 to check/validate/process the value, for example:

 {{{#!php
 <?php

 add_filter( 'wp_kses_allowed_html', 'my_wp_kses_allowed_html_flter' ), 10,
 2 );

 function my_wp_kses_allowed_html_flter ( $tags, $context ) {
    $tags['span']['style'] = function ( $name, $value, $element ) {
       // return sanitized $value or empty to remove it
       return $value;
    };
    // iframe callback
    $tags['iframe'] = function ( $element, $attr ) {
       // does something with complete attribute string or return empty to
 remove it
       return $attr;
       };
    return $tags;
 }
 }}}

 While waiting for the core updates the list of allowed
 tags/attribitutes/values (for example for `style` attribute, see #24157,
 #37134, #37248 and probaly many others), this enhancement could offer the
 possibility of having the fine control over every tag attributes value.

 Regards

--
Ticket URL: <https://core.trac.wordpress.org/ticket/39724>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform