Ok This Thread did helped me a LOT! So now my function works (i can embeld HTML5 videos) and it looks like this: function validate_setting($plugin_options){ global $allowedtags; $allowedtags = array( ‘a’ => array( ‘href’ => array (), ‘title’ => array ()), ‘b’ => array( ‘style’=> array(), ), ); $allowedtags[‘video’] = array( ‘width’ => true, ‘height’ … Read more
The > entity is probably being filtered by “esc_textarea”. You can read more about “esc_” below: http://codex.wordpress.org/Data_Validation
It’s not kses. The culprit is this: force_balance_tags() When I remove that, things work. I’m not sure why it’s breaking things, but I’ll look into the source later.
Why wp_kses() not working for rel, target of link in WordPress
Allow html comments with kses
I hope that you don’t have to modify the allowed array with the full data name (data-term) for this to work… It appears to be that way. data-term and data aren’t the same attribute after all, and poking around in core I don’t think any sort of regular expressions can be used as supported attributes. … Read more
KSES is designed to prevent execution of undesired and potentially dangerous tags, not preventing display of the innerHTML. Blocking the content would require –1 Either a custom function that used some kind of string manipulation or xmlDOM manipulation to remove content; or –2 A function that blocked posts that contain the tag with a message … Read more
Found your question as I was searching for an answer. I tried experimenting a bit more with wp_kses and found that lower-casing viewbox in the arguments seems to fix the issue. You don’t have to put the actual attribute on the SVG in lowercase, just the wp_kses() argument. This may be more than you need, … Read more
I wouldn’t call it a benefit or disadvantage, but more of a difference: wp_strip_all_tags simply strips all tags (except for the allowed tags) but does not delete their content by calling the PHP function strip_tags, after removing script and style tags in full, including their contents. wp_kses does no such thing: // Returns ‘alert( “test” … Read more
I would disagree with the solution posted by @JaredCobb, wp_kses() is much more flexible than the method he presented. It can strip out unwanted attributes from tags without destroying the tags themselves. For example, if the user put in <strong class=”foo”>, wp_kses() would return <strong> if you did not allow class, whereas strip_tags() would remove … Read more