acf/the_field/allow_unsafe_html

acf/the_field/allow_unsafe_html

Hook Type: filter

See hook in core

Displaying hooks found in version: advanced-custom-fields.6.2.7

apply_filters('acf/the_field/allow_unsafe_html') is found 2 times:

  • /includes/api/api-template.php line 119
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
        $unescaped_value = implode( ', ', $unescaped_value );
    }
     
    $field_type = is_array( $field ) && isset( $field['type'] ) ? $field['type'] : 'text';
    if ( apply_filters( 'acf/the_field/allow_unsafe_html', false, $selector, $post_id, $field_type, $field ) ) {
        $value = $unescaped_value;
    } elseif ( (string) $value !== (string) $unescaped_value ) {
        do_action( 'acf/removed_unsafe_html', __FUNCTION__, $selector, $field, $post_id );
    }
     
    echo $value; //phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- escaped by logic above.
  • /includes/api/api-template.php line 888
    884
    885
    886
    887
    888
    889
    890
    891
    892
    893
    894
        $unescaped_value = implode( ', ', $unescaped_value );
    }
     
    $field_type = is_array( $field ) && isset( $field['type'] ) ? $field['type'] : 'text';
    if ( apply_filters( 'acf/the_field/allow_unsafe_html', false, $field_name, 'sub_field', $field_type, $field ) ) {
        $value = $unescaped_value;
    } elseif ( (string) $value !== (string) $unescaped_value ) {
        do_action( 'acf/removed_unsafe_html', __FUNCTION__, $field_name, $field, false );
    }
     
    echo $value; //phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- escaped inside get_sub_field_object where necessary.