Advertisements

wp_kses_bad_protocol

Definition:
function wp_kses_bad_protocol($string, $allowed_protocols) {}

Sanitize string from bad protocols.
This function removes all non-allowed protocols from the beginning of $string. It ignores whitespace and the case of the letters, and it does understand HTML entities. It does its work in a while loop, so it won’t be fooled by a string like "javascript:javascript:alert(57)".

Parameters

  • string $string: Content to filter bad protocols from
  • array $allowed_protocols: Allowed protocols to keep

Return values

returns:Filtered content

Source code

function wp_kses_bad_protocol($string, $allowed_protocols) {

	$string = wp_kses_no_null($string);

	$string2 = $string.'a';



	while ($string != $string2) {

		$string2 = $string;

		$string = wp_kses_bad_protocol_once($string, $allowed_protocols);

	} # while



	return $string;

}

3817

Advertisements

No comments yet... Be the first to leave a reply!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: