WordPress by default filters out potentially harmful and/or invalid HTML. But in some cases you might want some of that invalid HTML!
One of those cases occurred today when we needed to embed a Google Form in a post. To do so, Google provides you with HTML code that contains a iframe, but uh-oh! The iframe element is not allowed by default.
If you look in wp-includes/kses.php you see a variable called $allowedposttags. The array contains all the allowed tags, and their allowed attributes. So you could also change the allowed attributes for the already allowed elements if you so wish.
To include iframe in the list of allowed element I added the following code to my theme’s functions.php:
$allowedposttags["iframe"] = array( "src" => array(), "height" => array(), "width" => array() );
And something that is always requested is the ability to simply just paste the embed-code provided by YouTube or Vimeo without having it filtered out. To do so simply add this to your functions.php or plugin:
$allowedposttags["object"] = array( "height" => array(), "width" => array() ); $allowedposttags["param"] = array( "name" => array(), "value" => array() ); $allowedposttags["embed"] = array( "src" => array(), "type" => array(), "allowfullscreen" => array(), "allowscriptaccess" => array(), "height" => array(), "width" => array() );
But if you want to embed Flash files in a more standard compliant and modern way, check out our Easy Flash Embed plugin instead!
[…] How to change the allowed HTML tags for WordPress March 2010 […]
Thanks for the tip! I needed to allow id attributes on my div tags to stop the layout breaking and your solution was just the job!
just what i needed!
[…] amigos en la red que me apuntaron en la dirección correcta: Fuente: HTML5 Tag Reference Fuente: WordPress Quick Tips Publicado en Diario, HTML, Videos | Etiquetado diario, html, html5, videos | Deja una […]
I cant understand, i cant followed this tips, very difficult for me.. :lol
But this won’t work in WordPress Hosted Website. So what is the solution?
you can’t change functions.php on a site at wordpress.com.
You are right. You can’t change this on a wordpress.com-site. There is no solution for that.
OK thanks. I have got a site on WordPress.com and all I can do is to use HTML/CSS inline. There is no way to insert any other tags like Google/Bing verification codes etc.
I’d suggest looking at the WordPress.com Support pages
Okay, sorry for being so new, do we are referring to wordpress.com or wordpress.org? I work with. com and I can not (or is that I lack knowledge) to do that.
Hi, unfortunately there isn’t any way to modify it on a wordpress.com hosted blog.
is it possible to have specific values for attributes? For e.g I want to allow my users to use the script tag but the src attribute should always.. start with https://www.abcd.com
Its look like little tricky to the newbie like me.
Great help, thank you. If you just want to add an attribute to a tag and keep the rest of the attributes defined in the WP core files, eg add “id” to the div tag, the following code adds a single attribute.
$allowedposttags[“div”][“id”] = true;
Great tip! Thank you!
Simple and perfect ! It works for my iframes, more easy than adding a plugin.
Simple and perfect ! It works for my iframes
may be we can use some plugins out there?
Good article post, thanks.
A useful post, it give me more knowledge. thank you
[…] WP quick tips […]
It’s really a cool and helpful piece of information. I’m glad that you just shared this helpful info with us. Please stay us up to date like this. Thanks for sharing.
[…] like you can change the allowed tags: How to change the allowed HTML tags for WordPress | WordPress Quick Tips Hope this is still relevant to the current version. __________________ [3G] UK: giffgaff – 250 […]
Thanks for sharing. Plugins often makes trouble. This way is really helpful.
Hey Vincent – I think WordPress allows iFrame if you paste the code in text mode. Can you please consider adding an update to this post if possible?
Anyways I enjoy your other posts you have written.