wp_kses_uri_attributes()WP 5.0.1

Gets a list of HTML attributes that (according to the specification) should specify a URL.

The list includes all attributes: allowed and disallowed in KSES WP.

1 time — 0.000001 sec (speed of light) | 50000 times — 0.10 sec (speed of light) | PHP 7.2.5, WP 5.0.1
Hooks from the function

Returns

String[]. A list of HTML attributes.

Usage

wp_kses_uri_attributes();

Examples

0

#1 What the function returns 

$uris = wp_kses_uri_attributes();

/* $uris = 
Array
(
	[0] => action
	[1] => archive
	[2] => background
	[3] => cite
	[4] => classid
	[5] => codebase
	[6] => data
	[7] => formaction
	[8] => href
	[9] => icon
	[10] => longdesc
	[11] => manifest
	[12] => poster
	[13] => profile
	[14] => src
	[15] => usemap
	[16] => xmlns
)
*/
0

#2 Sanitize the value of the attribute in which the URI is specified

This demo shows how to clear the value of the attribute where the URI should be. This is the logic used to clean values in WP KSES:

$uris              = wp_kses_uri_attributes();
$allowed_protocols = wp_allowed_protocols();
$attrname          = 'href';
$thisval           = 'http://example.com';

if( in_array( strtolower( $attrname ), $uris ) ){
	$thisval = wp_kses_bad_protocol( $thisval, $allowed_protocols );
}

// if $thisval = 'foo://example.com'
echo $thisval; //> //example.com

// if $thisval = 'http://example.com'
echo $thisval; //> http://example.com

Changelog

Since 5.0.1 Introduced.

wp_kses_uri_attributes() code WP 6.8.3

wp-includes/kses.php 
function wp_kses_uri_attributes() {
	$uri_attributes = array(
		'action',
		'archive',
		'background',
		'cite',
		'classid',
		'codebase',
		'data',
		'formaction',
		'href',
		'icon',
		'longdesc',
		'manifest',
		'poster',
		'profile',
		'src',
		'usemap',
		'xmlns',
	);

	/**
	 * Filters the list of attributes that are required to contain a URL.
	 *
	 * Use this filter to add any `data-` attributes that are required to be
	 * validated as a URL.
	 *
	 * @since 5.0.1
	 *
	 * @param string[] $uri_attributes HTML attribute names whose value contains a URL.
	 */
	$uri_attributes = apply_filters( 'wp_kses_uri_attributes', $uri_attributes );

	return $uri_attributes;
}

kses (html cleanup sanitize)

Helper Functions