Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
aucor_core_security_disable_unfiltered_html -removes iframes (inside html -blocks) when in wide column container blocks #1
So, I wanted to be able to put iframes in the pages and since WordPress's embed section was no use, I thought the best would be to simply use the HTML block.
I wanted the iframe to be inside the column-block which worked until I clicked the "Wide" or "Full width" buttons of the columns.
After little testing, I found out that by commenting aucor_core_security_disable_unfiltered_html in class-security.php file, it let the editor save the html content when inside wide columns.
Sorry for late reply. You can disable any feature or sub feature by filter. In this case
Here's the reason we disable unfiltered html:
If you need to embed iframes straight into content, I'll recommend:
We will keep this feature on by default as this improves the security a bit and protects against content loss.
Sorry to keep you waiting again. The unfiltered_html option should disable iframes everywhere as it is WordPress core functionality that we are just switching on with the filter. To my knowledge, WP scans the whole content via regex on the_content filter either or both when content is saved to DB and when it is displayed (the_content hook). If it lets through something it shouldn't, it might be bug in core.