WordPress allows a select few HTML tags within the content of post
comments. This is an awesome feature, of course, because it prevents
XSS security holes and other malicious code from being injected by
spammers, hackers, and jerks. Unfortunately there are many other tags
that bloggers may want to support; for example, tech bloggers may want
to support
PRE tags so commenters can post code. Luckily it's quite easy to allow more tags within your WordPress comments:
function allow_pres() {
global $allowedtags;
$allowedtags['pre'] = array('class'=>array());
}
add_action('comment_post', 'allow_pres');
The global
$allowedtags variable holds an array of allowed comment tags, so adding the
pre key will allow
PRE elements within comments. The
class key within the
pre array allows the
class
attribute for any PRE tags posted within the comment, so not only can
you allow additional HTML tags, but you can also specify allowed
attributes too! This function is added to the
comment_post hook (same hook that
AJAX comments use) so as to only add desired tags when a comment is posted.
