Filters the list of protocols allowed in HTML attributes.


(string) apply_filters( 'kses_allowed_protocols', (array) $array ); 

This function makes sure that only the allowed HTML element names, attribute names and attribute values plus only sane HTML entities will occur in $string. You have to remove any slashes from PHP's magic quotes before you call this function.

The default allowed protocols are http,, https, ftp , mailto., news, 'irc', gopher, nntp, feed, telnet, mms', rtsp and svn. This covers all common link protocols, except for javascript which should not be allowed for untrusted users.

Returns (string)

Filtered content with only allowed HTML elements

Parameters (1)

0. $array (array) => array ('http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet', 'mms', 'rtsp', 'svn')
The array.


To run the hook, copy the example below.
  1. $array = apply_filters( 'kses_allowed_protocols', $array ); 
  3. if ( !empty( $array ) ) { 
  5. // everything has led up to this point... 
The following example is for adding a hook callback.
  1. // define the kses_allowed_protocols callback 
  2. function filter_kses_allowed_protocols( $array ) { 
  3. // make filter magic happen here... 
  4. return $array
  5. }; 
  7. // add the filter 
  8. add_filter( 'kses_allowed_protocols', 'filter_kses_allowed_protocols', 10, 1 ); 
To remove a hook callback, use the example below.
  1. // remove the filter 
  2. remove_filter( 'kses_allowed_protocols', 'filter_kses_allowed_protocols', 10, 1 ); 

Defined (1)

The filter is defined in the following location(s).

  1. $allowed_protocols = wp_parse_args( $allowed_protocols, apply_filters('kses_allowed_protocols', array ('http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet', 'mms', 'rtsp', 'svn') ));