Skip to content

EscapingFunctionsTrait: remove wp_kses_allowed_html() from escaping functions #2566

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
jrfnl merged 1 commit into from
Aug 1, 2025
Merged

EscapingFunctionsTrait: remove wp_kses_allowed_html() from escaping functions #2566

jrfnl merged 1 commit into from
Aug 1, 2025

Conversation

@jrfnl
Copy link
Member

@jrfnl jrfnl commented Jul 26, 2025

The wp_kses_allowed_html() function is not an escaping function, but retrieves an array of allowed HTML tags and attributes for a given context.

Ref: https://developer.wordpress.org/reference/functions/wp_kses_allowed_html/

@jrfnl jrfnl added this to the 3.2.x milestone Jul 26, 2025
GaryJones
GaryJones approved these changes Jul 28, 2025
View reviewed changes
Copy link
Member

@GaryJones GaryJones left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Originally added in this commit.

@jrfnl
EscapingFunctionsTrait: remove wp_kses_allowed_html() from escaping…
c16646e 
… functions

The `wp_kses_allowed_html()` function is not an escaping function, but retrieves an array of allowed HTML tags and attributes for a given context.

Ref: https://developer.wordpress.org/reference/functions/wp_kses_allowed_html/
@jrfnl jrfnl force-pushed the feature/escapingfunctions-remove-wp_kses_allowed_html branch from c08e83f to c16646e Compare August 1, 2025 03:45
@jrfnl
Copy link
Member Author

jrfnl commented Aug 1, 2025

I've rebased & force-pushed the PR in hopes of getting CodeCov to report back. Merging once the build passes.

@jrfnl jrfnl merged commit 2bb6fc5 into develop Aug 1, 2025
52 checks passed
@jrfnl jrfnl deleted the feature/escapingfunctions-remove-wp_kses_allowed_html branch August 1, 2025 03:55
@jrfnl jrfnl modified the milestones: 3.2.x, 3.3.0 Sep 16, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@GaryJones GaryJones GaryJones approved these changes

@dingo-d dingo-d dingo-d approved these changes

Assignees

No one assigned

Labels

Component: Helpers Focus: Security Type: Bug

Projects

None yet

Milestone

3.3.0

Development

Successfully merging this pull request may close these issues.

4 participants

@jrfnl @GaryJones @dingo-d