Filter
uncanny-automator
automator_content_kses_args
Filters the arguments used by Kses for sanitizing content before saving.
add_filter( 'automator_content_kses_args', $callback, 10, 1 );
Description
Filters the arguments used forkses (kses) sanitization when rendering content, particularly for custom buttons and integrations. Developers can modify allowed HTML tags, attributes, or add new ones to customize how user-generated content within automations is displayed safely. Use with caution to avoid introducing XSS vulnerabilities.
Usage
add_filter( 'automator_content_kses_args', 'your_function_name', 10, 1 );Parameters
-
$kses_args(mixed) - This parameter contains an array of allowed HTML tags and their attributes for sanitizing content.
Return Value
The filtered value.
Examples
<?php
/**
* Example of using the 'automator_content_kses_args' filter to add custom allowed HTML attributes.
*
* This filter allows developers to modify the arguments passed to WordPress's kses (kses_init)
* function, which controls which HTML tags and attributes are allowed in content.
*
* In this example, we're adding a custom data attribute 'data-automation-id'
* to be allowed on all HTML elements. This could be useful if your automation plugin
* adds elements with custom IDs for tracking or manipulation.
*
* @param array $kses_args The existing kses arguments.
* @return array Modified kses arguments with custom attributes allowed.
*/
add_filter(
'automator_content_kses_args',
function( $kses_args ) {
// Check if the default 'post' kses group exists.
if ( isset( $kses_args['post'] ) ) {
// Add the custom data attribute to the global allowed attributes.
// This will make it allowed on most common tags like <div>, <p>, <span>, etc.
$kses_args['post']['global_attributes']['data-automation-id'] = true;
// If you wanted to allow it only on specific tags, you could do something like:
// $kses_args['post']['div']['data-automation-id'] = true;
}
return $kses_args;
},
10, // Priority: Default priority.
1 // Accepted Args: The filter only passes one argument.
);Placement
This code should be placed in the functions.php file of your active theme, a custom plugin, or using a code snippets plugin.
Source Code
src/core/lib/settings/trait-premium-integration-templating-helpers.php:554
protected function filter_content_kses_args() {
$kses_args = array(
'a' => array(
'href' => array(),
'target' => array(),
),
'strong' => array(),
'i' => array(),
'em' => array(),
'br' => array(),
'ol' => array(
'class' => array(),
),
'li' => array(),
'uo-button' => array(
'type' => array(),
'name' => array(),
'value' => array(),
'disabled' => array(),
'loading' => array(),
'color' => array(),
'size' => array(),
'href' => array(),
'target' => array(),
'needs-confirmation' => array(),
'confirmation-heading' => array(),
'confirmation-content' => array(),
'confirmation-button-label' => array(),
),
'uo-icon' => array(
'id' => array(),
'integration' => array(),
'size' => array(),
'animation' => array(),
'icon-style' => array(),
'is-duotone' => array(),
'show-tooltip' => array(),
),
'uo-text-field' => array(
'id' => array(),
'value' => array(),
'type' => array(),
'label' => array(),
'class' => array(),
'required' => array(),
'disabled' => array(),
'name' => array(),
'placeholder' => array(),
'helper' => array(),
'copy-to-clipboard' => array(),
),
);
// Custom button args
$kses_args['uap-app-integration-settings-button'] = $kses_args['uo-button'];
return apply_filters( 'automator_content_kses_args', $kses_args );
}