I believe this is because of the kses filtering that goes on and possibly unfiltered_html capabilities. Not stuff specific to CMB2, but more WordPress in general.
Thanks for this. Is there a workaround at all?
You should be able to change the sanitization and escape callbacks on the individual fields, which could allow you to specify one that wouldn’t strip the script tags out.
Another idea would be to just use a shortcode for where the script tags should be inserted, and then run the fields through do_shortcode() when it comes time to display the content, and the script tags could be inserted at that point.
Thanks, but the issue isn’t displaying on the frontend but more about saving the field within the backend. Clicking save doesn’t apply that change, and also affects sortable group field that the wysiwyg is placed within.
I have to wonder if filtering in script to the sanitization functions would help.
http://www.goldenapplewebdesign.com/wordpress-take-control-of-html-tag-filtering/
I’m pretty sure this is because of the WP_Editor that’s being used for the WYSIWYG aspect. My hunch also say it’d be fine if it was just a standard textarea, because of filters run on the first one.
None of this worked. Inserting a script is fine in the post body of a normal post (I don’t use post body in the CPT I’m using the META box for) but not within the WYSIWYG option. I don’t want to use textarea too.
Ah wait, more fiddling and did it! I added this to my functions.php file should anyone else need it:
function script_allowed_tags() {
global $allowedposttags;
$allowedposttags['script'] = array(
'type' => array(),
'src' => array()
);
}
add_action('init', 'script_allowed_tags', 10);
