not sure the difference but I used
 for adding a white space
..then passed it throughwp_kses()
The correct HTML entity for a non-breaking space is — note the ; which is required and without it (i.e.  ), the entity is not valid and when used with wp_kses(), you’d get &nbsp instead of a non-breaking space.
strangely it was working fine before I used
wp_kses()
I’m pretty sure it’s because the browser is smart enough and auto-corrected it to . 🙂
So, always use valid HTML entities and also tags (e.g. close a <div> with a </div>), regardless you use wp_kses() or not. Don’t rely on “intelligent guess” or auto correction by the browser.
Related Posts:
- What characters do I need to escape in XML documents?
- What characters must be escaped in HTML 5?
- How can I selectively escape percent (%) in Python strings?
- How do I escape a single quote in jQuery?
- Escape Character in SQL Server
- How to escape apostrophe (‘) in MySql?
- Should HTML output be passed through esc_html() AND wp_kses()?
- How to prevent escaping when saving HTML code in an option value?
- What to use instead of wp_kses() in user output
- How to correctly escape query variables to be used in WP_Query
- esc_attr / esc_html / esc_url in echos
- When do I need to use esc_html()? [duplicate]
- how to escape wp_oembed_get for phpcs
- what’s different between esc_attr, htmlspecialchars and htmlentities
- Allow all attributes in $allowedposttags tags
- When outputting a static string to the page, is it necessary to escape the output?
- How Flexible are the WordPress Coding Standards for PHPCS?
- why is esc_html() returning nothing given a string containing a high-bit character?
- How to properly escape a translated string?
- Quotes being escaped inside wp_editor when saved with wp_kses_post
- Translate a Constant while appeasing WordPress PHPCS
- Using esc_url() on a url more than once
- Do I need to escape get_theme_mod(‘url’) / (‘mail’) with esc_url?
- Using esc_attr_e
- Why esc_html_() is not used on every text that has a translation (on Twenty Twenty One)?
- Escaping crashes my output
- How to safely escape the title attribute
- How to safely escape data that contains HTML attributes
- Can wp_strip_all_tags be used as a substitute for esc_url, esc_attr & esc_html?
- Echoing a URL to a link
- wp_kses_post escaping doesn’t appear to work as described?
- file_get_contents | escaping doesnt show the page
- Help about Escaping
- How to keep specific tag from an html string?
- wp_kses allow checkbox class and checked
- Escaping Issues
- Escaping and Special Characters (e.g. &)
- Escaping get_option( ‘time_format’ ) is nesserary?
- How should esc_url be combined with trailingslashit?
- Correct way of using esc_attr() and esc_html()
- What are all the escape characters?
- Which characters need to be escaped when using Bash?
- How do I use spaces in the Command Prompt?
- With “magic quotes” disabled, why does PHP/WordPress continue to auto-escape my POST data?
- Typical wp_kses $allowed
- From a security standpoint, should bloginfo() or get_bloginfo() be escaped?
- Escaping and sanitizing SVGs in metabox textarea
- Which WP functions do you need to use esc_html() or esc_url() on?
- What’s the difference between esc_* functions?
- How to escape custom css?
- How to Use Wildcards in $wpdb Queries Using $wpdb->get_results & $wpdb->prepare?
- Escaping SVG with KSES
- Should messages in WP_Error already be html escaped?
- When do I need to use esc_attr when using WordPress internal functions
- wp_kses_post only removes tags, but not their content
- Disable escaping html
- Do you need to escape hard coded plain text?
- What is the difference between strip_tags and wp_filter_nohtml_kses?
- WP Editor strips input placeholder attribute
- How do I stop HTML entities in a custom meta box from being un-htmlentitied?
- Why should I escape translatable strings? and how shall i do that?
- Change allowed HTML tags for comments
- Do I need to use the esc_html() function on hard coded links?
- How Could I sanitize the receive data from this code
- Should you escape hardcoded URLs?
- Proper use of internationalization
- When I re-save a post with [code] sections, the entities are double-escaped (> becomes > etc)
- Escape post image attachments added to template
- wp_query not searching with apostrophe
- wp_kses and magic quotes
- Which escape function to use when escaping an email or plain text?
- Is Wrapping intval() Around esc_attr() Redundant for Escaping Input?
- Base64 & JSON Encode array in PHP, use as HTML data attribute, decode and parse in JavaScript …. with proper Escaping
- Something is unescaping all html entities before output to browser [closed]
- How to get my post title to work with an apostrophe (‘s)?
- How can I remove the kses filters when saving a specific post type ? (it breaks my JSON)
- Securing/Escaping Output of file content – reading via fread() in PHP
- Is it possible to run wp_kses on all posts?
- I want to allow the use of a data-flw attribute in links in comments
- Add Attribute to p Tag of Post Content
- How to escape html generate by a loop
- Inline style HTML attribute is being stripped from all elements of a post
- How to escape multiple attribute at once in WordPress?
- Add HTML to Term Description
- Is there any solution, ide/tool etc., for automatic escaping for WordPress?
- Proper way to use esc_html__ and esc_attr__ etc for escaping value for translation
- ACF Unexpected T_CONSTANT_ENCAPSED_STRING [closed]
- How to pass an array as attribute of shortcode to work properly shortcode parser?
- how can i send this to wp_head – escape problem
- How to correctly escape an echo
- how to unescape wordpress output
- How to use wp_filter_oembed_result?
- WordPress post_content gets deleted in cron after wp_update_post
- Escaping a WPDB Object in One Shot
- Render the metabox input values as HTML
- Any ideas how to allow CSS input to perfectly work in the text area with wp_kses?
- problem with quotes on new post
- Multisite, but wp_kses_allowed_html only for one subsite?
- how to sanitizing $_POST with the correct way?
- How do I return XML to an API post request