1 common.inc filter_xss_admin($string)

Applies a very permissive XSS/HTML filter for admin-only use.

Use only for fields where it is impractical to use the whole filter system, but where some (mainly inline) mark-up is desired (so check_plain() is not acceptable).

Allows all tags that can be used inside an HTML body, save for scripts and styles.

Parameters

string $string: The HTML string.

Return value

string:

Related topics

Sanitization functions Functions to sanitize values.

File

core/includes/common.inc, line 1873
Common functions that many Backdrop modules will need to reference.

Code

function filter_xss_admin($string) {
  return filter_xss($string, array(
    'a', 'abbr', 'acronym', 'address', 'article', 'aside', 'b', 'bdi', 'bdo',
    'big', 'blockquote', 'br', 'caption', 'cite', 'code', 'col', 'colgroup',
    'command', 'dd', 'del', 'details', 'dfn', 'div', 'dl', 'dt', 'em',
    'figcaption', 'figure', 'footer', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6',
    'header', 'hgroup', 'hr', 'i', 'img', 'ins', 'kbd', 'li', 'mark', 'menu',
    'meter', 'nav', 'ol', 'output', 'p', 'pre', 'progress', 'q', 'rp', 'rt',
    'ruby', 's', 'samp', 'section', 'small', 'span', 'strong', 'sub', 'summary',
    'sup', 'table', 'tbody', 'td', 'tfoot', 'th', 'thead', 'time', 'tr', 'tt',
    'u', 'ul', 'var', 'wbr',
  ));
}