wp_kses_js_entities( string $content ): string

This function has been deprecated. Officially dropped security support for Netscape 4 instead.

Removes the HTML JavaScript entities found in early versions of Netscape 4.

Description

Previously, this function was pulled in from the original import of kses and removed a specific vulnerability only existent in early version of Netscape 4. However, this vulnerability never affected any other browsers and can be considered safe for the modern web.

The regular expression which sanitized this vulnerability has been removed in consideration of the performance and energy demands it placed, now merely passing through its input to the return.

Parameters

$contentstringrequired

Return

string

Source

function wp_kses_js_entities( $content ) {
	_deprecated_function( __FUNCTION__, '4.7.0' );

	return preg_replace( '%&\s*\{[^}]*(\}\s*;?|$)%', '', $content );
}

Changelog

VersionDescription
4.7.0Officially dropped security support for Netscape 4.
1.0.0Introduced.

User Contributed Notes

You must log in before being able to contribute a note or feedback.