Closed thorin31 closed 10 months ago
Hello,
Thanks for the feedback!
This is due to ACF internal security logic which apply wp_kses_post_deep()
(see documentation) to all fields saved by users who aren't super admin.
This logic is controlled by acf_allow_unfiltered_html()
, which can be altered using the acf/allow_unfiltered_html
filter.
I hope it answers your question.
Regards.
Description of the bug When you write html code in a code editor field with HTML as the type, it saves correctly if you're super admin, but if you have another role, the code is filtered and certain tags disappear.
To Reproduce Add a code editor field, set it as HTML. Log on wordpress as super admin, write some code HTML with input form tags for example, and submit it. The code stay the same. Now, you log in with a rôle as editor for example, you write the same code and you submit. After submitting, the code is filtered.
Expected behavior The code must be the same after submit.
WordPress & ACF WordPress version: 6.2.2 ACF Pro version: 6.1.7 ACF extended: 0.8.9.3