Cannot add to Full Meta Tags field
-
I have the latest wordpress 3.7.1
Previously, before 3.7, I was able to add text to the Full Meta Tags field.
For example :
<link rel=”alternate” hreflang=”ex-default” href=”http://www.astrasuite.com/astrablog/absolare-tas-review/” />
<link rel=”alternate” hreflang=”en-ID” href=”http://www.lyrics-soundart.com/lyrics-news/absolare-tas-review/” />This time, it won’t save, while either adding or editing a post.
Is this a problem due to new WordPress, or new WordPress SEO plugin (Yoast) ? Or is it a unique problem for me ?
Thanks
-
Hello. Since 2.3.2 all user input is more strictly sanitized.
For security reasons, the ‘full meta tags’ box can only accept
meta
html elements with valid attributes. All other HTML code is removed.However, if you still want to use this box as a “paste any HTML code” box, you have to manually uncomment one line in the
amt-utils.php
file inside the functionamt_get_allowed_html_kses()
(first function inside the file).So, in order to remove the restriction modify the current:
function amt_get_allowed_html_kses() { // Uncomment the following line to allow any HTML element in the Full Meta Tags box. //return array(); [...]
To:
function amt_get_allowed_html_kses() { // Uncomment the following line to allow any HTML element in the Full Meta Tags box. return array();
Please note that this modification will be overwritten every time the plugin is updated.
A filter is planned for future versions so as to be able to customize this restriction by adding a filtering function in the
functions.php
file.Hope this helps,
George
Please note that by making the modification above you open a security hole, as post authors can paste any HTML code to the web site’s head section. So, if you don’t trust your authors, please do not make the modification above.
Of course, if there is a reason valid enough to allow more html elements than
meta
, like thelink
element in your example, I’d be willing to add it to the array of valid elements.We will need more feedback about this.
Filtering of
amt_get_allowed_html_kses()
will be available in the upcoming 2.4.0. I’ve scheduled to add this feature in this release.Thank you very much, excellent support ! It is important for us as we have websites in different countries with the same content, and Google recommends these lines.
We also have only one author, so it’s ok.
However, after uncommenting the line in the code, it still does not save.
Maybe there is still something to modify ?Thanks
In the meantime, I have reverted back to ver. 2.3.0, where it works perfectly. I think it started from ver. 2.3.1, as it was no longer working from 2.3.1.
I noticed ver 2.3.0 was packaged on Oct 18, 2013. I guess we did not make any updates from after that date so we didn’t notice then.
Hi astrasuite,
You are right. The workaround does not work.
Expected behavior: allow all html elements.
Actual behavior: remove all html elements.After investigating the use of the
link
element for a while, it turns out that it is frequently used in metadata to link to external resources, instead of adding the metadata of the external resources in the current page. Not having it in the list of allowed elements was a mistake and this will be fixed in the upcoming 2.4.0.I’ll post the fixed
amt_get_allowed_html_kses()
function as soon as I permanently fix this in the code, so that you can test it and apply the fix to your sites before 2.4.0 is out.George
Excellent, George, thanks !
Here is the fixed
amt_get_allowed_html_kses()
which allows themeta
andlink
elements by default and allows filtering of the supported elements.It would be nice if you could test this (whenever possible) with the latest version of Add-Meta-Tags and confirm that it works with the link elements you use. If testing is not possible, it’s fine.
function amt_get_allowed_html_kses() { // Store supported global attributes to an array // As of http://www.w3schools.com/tags/ref_standardattributes.asp $global_attributes = array( 'accesskey' => array(), 'class' => array(), 'contenteditable' => array(), 'contextmenu' => array(), // 'data-*' => array(), 'dir' => array(), 'draggable' => array(), 'dropzone' => array(), 'hidden' => array(), 'id' => array(), 'lang' => array(), 'spellcheck' => array(), 'style' => array(), 'tabindex' => array(), 'title' => array(), 'translate' => array() ); // Construct an array of valid elements and attributes $valid_elements_attributes = array( // As of http://www.w3schools.com/tags/tag_meta.asp // plus 'itemprop' and 'property' 'meta' => array_merge( array( 'charset' => array(), 'content' => array(), 'http-equiv' => array(), 'name' => array(), 'scheme' => array(), 'itemprop' => array(), // schema.org 'property' => array() // opengraph and others ), $global_attributes ), // As of http://www.w3schools.com/tags/tag_link.asp 'link' => array_merge( array( 'charset' => array(), 'href' => array(), 'hreflang' => array(), 'media' => array(), 'rel' => array(), 'rev' => array(), 'sizes' => array(), 'target' => array(), 'type' => array() ), $global_attributes ) ); // Allow filtering of $valid_elements_attributes $valid_elements_attributes = apply_filters( 'amt_valid_full_metatag_html', $valid_elements_attributes ); return $valid_elements_attributes; }
To support more elements you need to add a filtering function that extends the list of the valid elements and attributes in your
functions.php
file of your theme. For example, in order to add thetitle
element, so that you can put a line like<title>my test title</title>
in the ‘Full meta tags’ box, you should add the following code tofunctions.php
:// Adds the 'title' element to the valid html elements for the full meta tags box function extend_full_metatag_valid_elements( $valid_elements ) { // Construct the title element array (key: element name, value: array of valid attributes) $title_element = array( 'title' => array() ); // Append the 'title' element to the valid elements $valid_elements = array_merge( $valid_elements, $title_element); return $valid_elements; } add_filter( 'amt_valid_full_metatag_html', 'extend_full_metatag_valid_elements', 10, 1 );
Hope these help. Thanks for your feedback! π
George
I have edited the previous post because some PHP comments were not displayed correctly. Code was displayed correctly.
Hi, George,
After updating your changes above into the latest version, it is now saving. Review mode is also working.
Thanks !
Thanks for letting me know. Much appreciated.
George
This fix has been included in the 2.4.0 release which will be out soon with many enhancements and more complete metadata.
If you are happy with the plugin when it is out, please consider rating it or writing a small review.
Again, thank you for providing valuable feedback.
George
- The topic ‘Cannot add to Full Meta Tags field’ is closed to new replies.