wordpress / latest / functions / wp_allowed_protocols.html

wp_allowed_protocols(): string[]

Retrieves a list of protocols to allow in HTML attributes.

Description

See also

Return

string[] Array of allowed protocols. Defaults to an array containing 'http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc', 'irc6', 'ircs', 'gopher', 'nntp', 'feed', 'telnet', 'mms', 'rtsp', 'sms', 'svn', 'tel', 'fax', 'xmpp', 'webcal', and 'urn'.
This covers all common link protocols, except for 'javascript' which should not be allowed for untrusted users.

Source

File: wp-includes/functions.php. View all references

function wp_allowed_protocols() {
	static $protocols = array();

	if ( empty( $protocols ) ) {
		$protocols = array( 'http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc', 'irc6', 'ircs', 'gopher', 'nntp', 'feed', 'telnet', 'mms', 'rtsp', 'sms', 'svn', 'tel', 'fax', 'xmpp', 'webcal', 'urn' );
	}

	if ( ! did_action( 'wp_loaded' ) ) {
		/**
		 * Filters the list of protocols allowed in HTML attributes.
		 *
		 * @since 3.0.0
		 *
		 * @param string[] $protocols Array of allowed protocols e.g. 'http', 'ftp', 'tel', and more.
		 */
		$protocols = array_unique( (array) apply_filters( 'kses_allowed_protocols', $protocols ) );
	}

	return $protocols;
}

Hooks

Uses

Uses Description

Used By

Used By Description

Changelog

Version Description
5.6.0 Added 'irc6' and 'ircs' to the protocols array.
5.3.0 Added 'sms' to the protocols array.
4.7.0 Added 'urn' to the protocols array.
4.3.0 Added 'webcal' to the protocols array.
3.3.0 Introduced.

© 2003–2022 WordPress Foundation
Licensed under the GNU GPLv2+ License.
https://developer.wordpress.org/reference/functions/wp_allowed_protocols