What is the difference between strip_tags and wp_filter_nohtml_kses?

Technical difference is kinda obvious. PHP one is single function, using logic in PHP code. WP one is one of family of functions, based on third party KSES library.

Is there practical difference between these two specific functions? I think the important point is that strip_tags() was made for utility, while KSES was made for security.

So, while results would likely be close in most cases, I would expect KSES implementation be slower and more thorough.

I have encountered comparison of HTML filters at HTML Purifier site, following is excerpt of strip_tags() and kses (original, non-WP version) summary (there is more there on both):

+------------+------------+---------+-------------+---------+------------+--------------------------+
|  Library   | Whitelist  | Removal | Well-formed | Nesting | Attributes | XSS safe | Standards safe |
+------------+------------+---------+-------------+---------+------------+----------+----------------+
| strip_tags | Yes (user) | Buggy   | No          | No      | No         | No       | No             |
| kses       | Yes (user) | Yes     | No          | No      | Partial    | Probably | No             |
+------------+------------+---------+-------------+---------+------------+----------+----------------+

Related Posts:

  1. What is the difference between esc_html and wp_filter_nohtml_kses?
  2. In Which Contexts are Plugins Responsible for Data Validation/Sanitization?
  3. How to properly validate data from $_GET or $_REQUEST using WordPress functions?
  4. Escaping built-in WP function return strings
  5. Coding a plugin on WordPress; when should I sanitize? [duplicate]
  6. WordPress security issue to output data from user input from theme option form
  7. wp_nonce_field displaying twice
  8. Is it necessary to do validation again when retrieving data from database?
  9. Why would you use esc_attr() on internal functions?
  10. Using HTML links within translatable string
  11. Using password protection to load different page elements?
  12. esc_url, esc_url_raw or sanitize_url?
  13. ajaxurl not defined on front end
  14. How to store username and password to API in wordpress option DB?
  15. How can I configure Docker for developing and deploying a custom theme?
  16. Where to store PHP files created by plugin / themes
  17. Nonces can be reused multiple times? Bug / Security issue?
  18. How to post data to same page in wordpress
  19. WordPress and PHP Sessions – Security and Performance
  20. Understanding WordPress functions’ naming conventions
  21. Is there widely accepted phpDoc syntax for documenting which hook calls a function?
  22. Log in from one wordpress website to another wordpress website
  23. How do I Make a Theme “plugin-ready”?
  24. How to Add a .js file Only in one specific Page Dynamically to Head
  25. Show a user their recently viewed posts
  26. WP Cron doesn’t save or in post body
  27. Add new user and add meta at once
  28. How to Display Custom Post Type’s Gallery (images ) in Through WP_Query
  29. Customizer Not Saving Options
  30. Confusion on WP Nonce usage in my Plugin
  31. Error : “Updating failed: The response is not a valid JSON response” with custom shortcode
  32. array_map() for sanitizing $_POST
  33. What’s the better way to add an inline script?
  34. Metabox Not Showing on Custom Post Type But On Pages and Post
  35. Backslashes being stripped from CSS
  36. How to determine if the current file is loaded in a plugin or in a theme?
  37. Filter, or any way to dynamically change theme screenshot image?
  38. Finding the paragraphs in content
  39. How to avoid loading same script twice?
  40. Is there any way to check for user login and send him to login?
  41. Can I individually style items in the backend widget list?
  42. WP_Query returns no results
  43. Finding posts containing matching array elements in a meta field usign WP_Query
  44. Should action callbacks start with a verb?
  45. WordPress not working on localhost
  46. How to Create Custom HTML Tag on Editor in `Text(HTML)` mode
  47. Is It Always a Best Practice to Decouple the Frontend from the Admin Area When Developing a WordPress Application?
  48. Beginner advice
  49. How to render a time-of-day string like ’16:42′ with a site’s chosen time format?
  50. Are block templates incompatible with serialize_blocks?
  51. How to filter users list on user_status field with get_users()
  52. SQL query for custom taxonomy slugs
  53. Can Page Templates be Applied to Archive and Post Templates?
  54. Is there some way to provide the user a list of existing content in a CPT
  55. Change the look and feel of admin pages
  56. Form doesnt save to database
  57. Notice: Trying to get property ‘term_id’ of non-object
  58. What is the proper method of using global $post?
  59. best way to make a WordPresss multisite that is secure but at the same time supporting my plugin development efforts
  60. How to change title tag at page after loaded post?
  61. Prevent invalid or empty values from being saved to the database and retain the form field values upon error
  62. WordPress custom taxonomy check box to dropdown
  63. Selectively update themes in WordPress multisite
  64. add_submenu_page hooked function must explicitly check user capabilities – why?
  65. Getting a WordPress Debug Strategy
  66. Conditional Generation of Image Sizes using add_image_size
  67. WP Still Generating 150×150 Thumbnail Size Even After Un-Setting Small Size in Functions.php
  68. Does WordPress default CSS have Grids?
  69. How to resize WordPress images on upload to specific height and width without cropping it
  70. How can I save a password securely as a settings field
  71. rewrite_rules problem
  72. Why does website stretch and white space on load? [duplicate]
  73. Pass custom props to
  74. Include external po file for 3th party plugin to theme
  75. How to make premium plugin? I want to limit it until verification
  76. Google Web Core Vitals – management, how to in wordpress and advice
  77. How to hide/remvoe unnecessary field/section in post edit section ( Dashboard )
  78. Scripts/styles not loading on cloned WP Site when logged in
  79. redirect_to how to make it simply work with get parameter or similar?
  80. Determine if the current page, is being edited
  81. Is it possible to modify an Elated plugin portfolio-list template in such a way that it will not conflict with future plugin updates?
  82. Woocommerce Custom Checkout
  83. Looping single post in a theme
  84. What is more secure checking capabilities of user or checking role of user in WordPress plugin development
  85. WordPress permalink setting
  86. Custom theme and plugin updating
  87. Adding class to the parent of current-post-ancestor / current-menu-parent / current-post-parent
  88. problem with blank page
  89. grouping my widgets wordpress
  90. Updating Style From WP Options Setting Page
  91. Create and style menu
  92. If I want to create new taxonomies (e.g. Project / Documents / Etc…) is it better to create them in the theme’s functions.php or within a plugin? [duplicate]
  93. How to add something after a function
  94. how many rupee or dollar charge to client to make theme [closed]
  95. how to catch a data from a array in WordPress
  96. How are themes and plugins localized using the gettext GNU framework?
  97. Theme, Plugin or Both?
  98. Is there any other ways to replicating changes on live from staging without pushing from git
  99. Hook a search form anywhere on the site, using a custom plugin
  100. Fetch Custom Woocomerce filed data and check the data avialble in Wp-user table as nicname or username using function.php

Leave a Comment