Add 'unfiltered_html' capability to Editor Role

3 Replies ·

  1. Hi!
    After installing the Members plugin in a MU site, I edited the Editor role to enable the ‘unfiltered_html’ so editors can paste iframes.
    Also I tried creating a new role with the same capability enabled, with no luck. The iframe is still being stripped out.

    http://codex.wordpress.org/Roles_and_Capabilities#unfiltered_html

    I would appreciate some help. Thanks.

  2. Justin Tadlock

    This is because on multisite, `unfiltered_html` is blocked for everyone but the super admin, even regular administrators. Now, it is possible to get around this with a filter in a custom plugin. This code should work to allow editors to add unfiltered HTML:

    `
    add_filter( ‘map_meta_cap’, ‘my_map_meta_cap’, 1, 3 );

    function my_map_meta_cap( $caps, $cap, $user_id ) {

    if ( ‘unfiltered_html’ === $cap && user_can( $user_id, ‘editor’ ) )
    $caps = array( ‘unfiltered_html’ );

    return $caps;
    }
    `

  3. Justin Tadlock

    And, just to be clear, `unfiltered_html` is a highly dangerous capability to give to anyone you don’t trust 100%. They could potentially add all sorts of nasty stuff if they wanted to.

  4. xalj

    Hi Justin! I was looking for a solution to let my editors embed Livestream videos. Given that Livestream is not a the oEmbed certified list https://codex.wordpress.org/Embeds I was looking for a workaround. Someone just showed to me a plugin called iFrame https://wordpress.org/plugins/iframe/ that will let me embed the following code:
    <iframe src="http://new.livestream.com/accounts/256352/events/3187325/player?width=560&height=315&autoPlay=true&mute=false" width="560" height="315" frameborder="0" scrolling="no"> </iframe>
    by changing a few characters:

    [iframe src="http://new.livestream.com/accounts/256352/events/3187325/player?width=560&height=315&autoPlay=true&mute=false" width="560" height="315" frameborder="0" scrolling="no"]
    I appreciate your help. Thanks for the quick answer!
    Xavier