wp_kses_bad_protocol( string $string, string[] $allowed_protocols )

清理字符串并删除不允许的URL协议。
Sanitizes a string and removed disallowed URL protocols.

目录锚点：#说明#参数#源码

说明（Description）

此函数用于从字符串开头删除所有不允许的协议。它忽略了空格和字母的大小写，并且确实理解HTML实体。它递归地执行它的工作，所以它不会被像j这样的字符串愚弄avascript:javascript：警报（57）。

参数（Parameters）

源码（Source）

/**
 * Sanitize string from bad protocols.
 *
 * This function removes all non-allowed protocols from the beginning of
 * $string. It ignores whitespace and the case of the letters, and it does
 * understand HTML entities. It does its work in a while loop, so it won't be
 * fooled by a string like "javascript:javascript:alert(57)".
 *
 * @since 1.0.0
 *
 * @param string $string            Content to filter bad protocols from
 * @param array  $allowed_protocols Allowed protocols to keep
 * @return string Filtered content
 */
function wp_kses_bad_protocol($string, $allowed_protocols) {
	$string = wp_kses_no_null($string);
	$iterations = 0;

	do {
		$original_string = $string;
		$string = wp_kses_bad_protocol_once($string, $allowed_protocols);
	} while ( $original_string != $string && ++$iterations < 6="" );="" if="" (="" $original_string="" !="$string" )="" return="" '';="" return="" $string;="" }="">