filter_block_content()WP 5.3.1

Filters and sanitizes block content to remove non-allowable HTML from parsed block attribute values.

No Hooks.

Return

String. The filtered and sanitized content result.

Usage

filter_block_content( $text, $allowed_html, $allowed_protocols );
$text(string) (required)
Text that may contain block content.
$allowed_html(array[]|string)
An array of allowed HTML elements and attributes, or a context name such as 'post'. See wp_kses_allowed_html() for the list of accepted context names.
Default: 'post'
$allowed_protocols(string[])
Array of allowed URL protocols.
Default: result of wp_allowed_protocols()

Changelog

Since 5.3.1 Introduced.

filter_block_content() code WP 6.4.3

function filter_block_content( $text, $allowed_html = 'post', $allowed_protocols = array() ) {
	$result = '';

	if ( str_contains( $text, '<!--' ) && str_contains( $text, '--->' ) ) {
		$text = preg_replace_callback( '%<!--(.*?)--->%', '_filter_block_content_callback', $text );
	}

	$blocks = parse_blocks( $text );
	foreach ( $blocks as $block ) {
		$block   = filter_block_kses( $block, $allowed_html, $allowed_protocols );
		$result .= serialize_block( $block );
	}

	return $result;
}