You may have heard about the wp_kses or encountered it in during writing a code or reading someone's code. Or maybe in reading the WP core.
As it has a weird name, the first question comes to our mind is what it does and where to use it. Let's discuss the use of this functions in briefly
<?php wp_kses( $str, $allowed_html, $allowed_protocols = array() ); ?>
The above function accepts three arguments,
Before using this function you have to be clear about what you output or input is going to accept or reject. Once you are clear you can strip out the unnecessary things from your input or output. There are some other variations of this function such as
You can read more about the sanitization and other functions here.
In the end, it is a way to write a code robustly and increasing security in your code. Whenever we write or create a plugin we should make sure we sanitize the output/input. Here are some helper functions for sanitizing output or before the data is being echoed.