Skip to:
Content
Pages
Categories
Search
Top
Bottom

Buddypress allowedTags

  • Avatar of mpa4hu
    mpa4hu
    Participant

    @mpa4hu

    I found this filters:

    /**
     * Custom kses filtering for activity content.
     *
     * @since BuddyPress (1.1)
     *
     * @uses apply_filters() To call the 'bp_activity_allowed_tags' hook.
     * @uses wp_kses()
     *
     * @param string $content The activity content.
     * @return string $content Filtered activity content.
     */
    function bp_activity_filter_kses( $content ) {
    	global $allowedtags;
    
    	$activity_allowedtags = $allowedtags;
    	$activity_allowedtags['span']          = array();
    	$activity_allowedtags['span']['class'] = array();
    	$activity_allowedtags['a']['class']    = array();
    	$activity_allowedtags['a']['id']       = array();
    	$activity_allowedtags['a']['rel']      = array();
    	$activity_allowedtags['img']           = array();
    	$activity_allowedtags['img']['src']    = array();
    	$activity_allowedtags['img']['alt']    = array();
    	$activity_allowedtags['img']['class']  = array();
    	$activity_allowedtags['img']['width']  = array();
    	$activity_allowedtags['img']['height'] = array();
    	$activity_allowedtags['img']['class']  = array();
    	$activity_allowedtags['img']['id']     = array();
    	$activity_allowedtags['img']['title']  = array();
    	$activity_allowedtags['code']          = array();
    
    	$activity_allowedtags = apply_filters( 'bp_activity_allowed_tags', $activity_allowedtags );
    	return wp_kses( $content, $activity_allowedtags );
    }

    why img is allowed? is not it a security issue? where do you use id or class?

You must be logged in to reply to this topic.