WC_Helper_Sanitization::wc_pre_sanitize_svg
Sanitize SVG content before processing with wp_kses.
Method of the class: WC_Helper_Sanitization{}
No Hooks.
Returns
String. Sanitized SVG content.
Usage
$result = WC_Helper_Sanitization::wc_pre_sanitize_svg( $content );
- $content(string) (required)
- The SVG content to sanitize.
WC_Helper_Sanitization::wc_pre_sanitize_svg() WC Helper Sanitization::wc pre sanitize svg code WC 10.7.0
public static function wc_pre_sanitize_svg( $content ) {
// Remove any xlink:href attributes containing javascript.
$content = preg_replace( '/xlink:href\s*=\s*(["\'])\s*javascript:.*?\1/i', '', $content );
// Remove foreignObject elements (can contain arbitrary HTML).
$content = preg_replace( '/<foreignObject\b[^>]*>.*?<\/foreignObject>/is', '', $content );
return $content;
}