acf/the_field/allow_unsafe_html

acf/the_field/allow_unsafe_html

Hook Type: filter

See hook in core

Displaying hooks found in version: advanced-custom-fields.6.3.1

apply_filters('acf/the_field/allow_unsafe_html') is found 2 times:

  • /includes/api/api-template.php line 119
    		$unescaped_value = implode( ', ', $unescaped_value );
	}

	$field_type = is_array( $field ) && isset( $field['type'] ) ? $field['type'] : 'text';
	if ( apply_filters( 'acf/the_field/allow_unsafe_html', false, $selector, $post_id, $field_type, $field ) ) {
		$value = $unescaped_value;
	} elseif ( (string) $value !== (string) $unescaped_value ) {
		do_action( 'acf/removed_unsafe_html', __FUNCTION__, $selector, $field, $post_id );
	}

	echo $value; //phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- escaped by logic above.
  • /includes/api/api-template.php line 893
    		$unescaped_value = implode( ', ', $unescaped_value );
	}

	$field_type = is_array( $field ) && isset( $field['type'] ) ? $field['type'] : 'text';
	if ( apply_filters( 'acf/the_field/allow_unsafe_html', false, $field_name, 'sub_field', $field_type, $field ) ) {
		$value = $unescaped_value;
	} elseif ( (string) $value !== (string) $unescaped_value ) {
		do_action( 'acf/removed_unsafe_html', __FUNCTION__, $field_name, $field, false );
	}

	echo $value; //phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- escaped inside get_sub_field_object where necessary.