acf/the_field/allow_unsafe_html

acf/the_field/allow_unsafe_html

Hook Type: filter

See hook in core

Displaying hooks found in version: advanced-custom-fields.6.3.5

apply_filters('acf/the_field/allow_unsafe_html') is found 2 times:

  • /includes/api/api-template.php line 123
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
        $unescaped_value = false;
    }
     
    $field_type = is_array( $field ) && isset( $field['type'] ) ? $field['type'] : 'text';
    if ( apply_filters( 'acf/the_field/allow_unsafe_html', false, $selector, $post_id, $field_type, $field ) ) {
        $value = $unescaped_value;
    } elseif ( $unescaped_value !== false && (string) $value !== (string) $unescaped_value ) {
        do_action( 'acf/removed_unsafe_html', __FUNCTION__, $selector, $field, $post_id );
    }
     
    echo $value; //phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- escaped by logic above.
  • /includes/api/api-template.php line 901
    897
    898
    899
    900
    901
    902
    903
    904
    905
    906
    907
        $unescaped_value = false;
    }
     
    $field_type = is_array( $field ) && isset( $field['type'] ) ? $field['type'] : 'text';
    if ( apply_filters( 'acf/the_field/allow_unsafe_html', false, $field_name, 'sub_field', $field_type, $field ) ) {
        $value = $unescaped_value;
    } elseif ( $unescaped_value !== false && (string) $value !== (string) $unescaped_value ) {
        do_action( 'acf/removed_unsafe_html', __FUNCTION__, $field_name, $field, false );
    }
     
    echo $value; //phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- escaped inside get_sub_field_object where necessary.