Home » API reference » common.inc

filter_xss_admin

Versions
4.7 – 7
filter_xss_admin($string)

Very permissive XSS/HTML filter for admin-only use.

Use only for fields where it is impractical to use the whole filter system, but where some (mainly inline) mark-up is desired (so check_plain() is not acceptable).

Allows all tags that can be used inside an HTML body, save for scripts and styles.

Related topics

Sanitization functions
Functions to sanitize values.

▸ 10 functions call filter_xss_admin()

▾ 10 functions call filter_xss_admin()

actions_synchronize in includes/actions.inc
Synchronizes actions that are provided by modules in hook_action_info().
drupal_deliver_html_page in includes/common.inc
Package and send the result of a page callback to the browser as a normal HTML page.
node_help in modules/node/node.module
Implement hook_help().
seven_node_add_list in themes/seven/template.php
Display the list of available node types for node creation.
template_preprocess_forum_list in modules/forum/forum.module
Process variables to format a forum listing.
template_preprocess_page in includes/theme.inc
Preprocess variables for page.tpl.php
theme_form_element in includes/form.inc
Theme a form element.
theme_node_add_list in modules/node/node.pages.inc
Display the list of available node types for node creation.
theme_node_admin_overview in modules/node/content_types.inc
_locale_languages_configure_form_language_table in includes/locale.inc
Helper function to build a language provider table.

Code

includes/common.inc, line 1717

<?php
function filter_xss_admin($string) {
  return filter_xss($string, array('a', 'abbr', 'acronym', 'address', 'b', 'bdo', 'big', 'blockquote', 'br', 'caption', 'cite', 'code', 'col', 'colgroup', 'dd', 'del', 'dfn', 'div', 'dl', 'dt', 'em', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'hr', 'i', 'img', 'ins', 'kbd', 'li', 'ol', 'p', 'pre', 'q', 'samp', 'small', 'span', 'strong', 'sub', 'sup', 'table', 'tbody', 'td', 'tfoot', 'th', 'thead', 'tr', 'tt', 'ul', 'var'));
}
?>
Login or register to post comments
 
 

All source code and documentation on this site is released under the terms of the GNU General Public License, version 2 and later. Drupal is a registered trademark of Dries Buytaert.