How to safely sanitize a textarea which takes full HTML input

There is already a huge list built for you, which can be returned by wp_kses_allowed_html() based on context, and filtered via the wp_kses_allowed_html filter, also contextually. Creating that list should not be hard.

However, “the whole range of HTML tags that might appear in an HTML email” should be pretty close to the range allowed for an ordinary post so wp_kses_post() ought to get you a long way with little effort.

Related Posts:

  1. Sanitizing, Validating and Escaping in WordPress (Plugin)
  2. MITM risk of not sanitizing?
  3. Sanitize $_GET variable when comparing
  4. Can we validate data from jquery
  5. How can I properly sanitize the update_option in WordPress?
  6. Making my plugin multi-site compatible
  7. Checking if an attribute exists in a shortcode
  8. How to create a WordPress plugin for another wordpress plugin?
  9. How to add option box in “Edit Post” plugin API?
  10. use WordPress theme / plugin editor in my plugin
  11. What is the best way to output plugin result in certain url
  12. Plugin development: how to create a form and get custom data?
  13. Security error WP 4.0 + WP phpBB Bridge [closed]
  14. WordPress adding tags into plugin content
  15. Plugin Development: WordPress processes twice on post update. How to skip process on the first?
  16. Execute a function using ajax
  17. This doesnt work for Plugin get_template_directory_uri()
  18. Is it possible to upload a template file to a directory that can be used by all themes?
  19. WordPress hook for visiting a post
  20. Fatal error: Class not found in
  21. Showing Notifications While Activating Plugin
  22. Workflow and best practice for documentation [closed]
  23. Creating a modal dialog without jQuery
  24. What user roles should have wp_unique_post_slug_is_bad_flat_slug filter applied?
  25. Where to put my global functions?
  26. Hidden Custom Post Type
  27. Is there a way to programmatically enable a plugin?
  28. Adding Attachment Display Settings in custom media frame
  29. How to include code into functions.php file via a plugin
  30. Do We Need to Validate, Sanitize, or Filter Simple Numerical Superglobals (Cookies and Post)?
  31. How can I get WordPress to save comments in markdown format?
  32. Simple ajax call not working in wordpress plugin
  33. How to save post change url youtube link?
  34. __callStatic method handler passed to add_action causes bug in PHP
  35. New databes tables with – WooCommerce – for developers [closed]
  36. Plugin-generated pages use Not Found or Pages Archive templates?
  37. 306 MB of wp_options occupied by WordPress SEO Plugin, is that normal? [closed]
  38. Perform internal redirect in WordPress?
  39. How to prevent plugins from loading jQuery
  40. Inject HTML meta tag inside wordpress tag using add_shortcode
  41. Disable Individual Plugins (specifically in Custom Post Types) on a per-post basis?
  42. Can plugin2 uninstall plugin1 at the very beginning of plugin2’s installation?
  43. Basic question about accessing scripts in my plugin
  44. Automatically download, install and activate plugins that my plugin depends, how?
  45. How to create WordPress custom end point with multiple parameters?
  46. How to redirect to same page after form submission
  47. plugin dev – minimum base css specificity?
  48. I changed font of wordpress dashboard but it is slow!
  49. WordPress SVN UTF-8 issue
  50. Creating a functionality plugin to edit seriously simple podcasting
  51. Plugin temporary files and files to download via FTP
  52. Asynchronous request in wordpress
  53. change or add css to theme from plugin
  54. How to add credit card validation check to wordpress [closed]
  55. Displaying data from another database
  56. Every time I de-activate a custom plugin, the site encounters a critical error
  57. Next Previous Post in wordpress with previous / next link with title?
  58. Custom Fields for Page Edits
  59. Apply html elements in php statement
  60. How to make sure settings are not lost when plugin is updated?
  61. How Can i import plugin option?
  62. How to Get Category Name When Export Products
  63. Remove List Bullets
  64. How to override any plugin file in the child theme
  65. How to set plugin auto-update Enabled by default?
  66. Custom plugin activation error
  67. Define global variable in theme file and call that variable in plugin file
  68. How to capture hidden values with Gravity Forms
  69. How to translate to spanish wordpress hardcoded content/files?
  70. Custom Plugin Update
  71. How do I stop plugins and themes from getting updated in a new plugin?
  72. How come W3TC is allowed to host premium code in the WordPress repo?
  73. Multiple image selection custom widget
  74. How to Create a Learning Management Plugin in WordPress to Manage Courses [LMS]
  75. Passing function into add_action always returns the first argument
  76. Paid Membership Pro displaying a user name in PHP
  77. Make another copy of a plugin and install it
  78. Store admin page into variable
  79. Custom plugin giving: wp-admin/admin-ajax.php 400 (Bad Request)
  80. WP Plugin CSS not being applied to page
  81. Creating Nested custom fields
  82. plugin not hooking to my custom hook
  83. Populate select option with JSON file
  84. Enahanced search for edit.php and custom post type
  85. Unable to sync woocommerce variations
  86. Can’t find variable is_single in my jQuery plugin
  87. Escaping and sanitization
  88. How to save default values into an option and delete those upon actvation and deactivation in wordpress?
  89. How to Add Jquery FullCalendar in wp plugin in admin
  90. Plugin hook breaks new WP 4.0 media library grid view?
  91. Ajax, jQuery and WordPress
  92. How to get site homepage from plugin?
  93. Unable to show 4 products in a row
  94. WordPress check box unchecked on null value ternary operator [plugin development]
  95. How to add image for custom taxonomy
  96. WordPress Hooks : Where to place callbacks that repetitively yield the same effect?
  97. wordpress Ajax success doesn’t return the value
  98. Meta box not displaying on the plugin page
  99. public custom posts not showing in my wordpress plugin
  100. Allow manage_options capability for specific user only for specific plugin?

Leave a Comment