Title: Unfiltered HTML processing issue
Last modified: April 14, 2022
---
# Unfiltered HTML processing issue
* Resolved [tyaty1](https://wordpress.org/support/users/tyaty1/)
* (@tyaty1)
* [4 years, 1 month ago](https://wordpress.org/support/topic/unfiltered-html-processing-issue/)
* ```
// To filter out JS, we should use domdocument, but the problem is that sometimes the
// html is intentional incomplete, which would cause issues with domdocument
// See https://codereview.stackexchange.com/questions/30045/regex-to-remove-inline-javascript-from-string
if ($allow_unfiltered) {
// even for unfiltered: strip out javascript
$res = preg_replace('#<\s*script(.*?)>(.*?)<\s*/\s*script\s*>#is', '', wp_unslash($value));
# also strip out inline javascript (onalert etc)
$res = preg_replace('#\bon\w+\s*=\s*\S+(?=.*>)#', '', $res);
return $res;
```
* This piece of code in _eme_kses_single cuts out the chunks form from URL-s which
include on=, besides inline JS.
For exmaple:
* ```
Regisztrációs felület
```
* becomes:
* ```