Skip to main content Accessibility Feedback

Allowing iFrames in sanitized WordPress content

I recently discovered that wp_kses—a function that keeps malicious code out of the database—was stripping out my YouTube and Vimeo embeds in a custom metabox I had created.

Fortunately, WordPress provides a filter you can use to add additional allowed tags.

For something like videos that are likely to end up in your content, it’s better to include this sort of thing in a plugin so that you don’t lose your content if you change themes.

So, I created one. You can grab Allow iFrames on GitHub.


🚀 I just relaunched my Vanilla JS Pocket Guides with new code examples and real projects to help tie everything you’ll learn together. Check it out.

Have any questions or comments about this post? Email me at chris@gomakethings.com or contact me on Twitter at @ChrisFerdinandi.

Get Daily Developer Tips