Allowing iFrames in sanitized WordPress content
I recently discovered that
wp_kses—a function that keeps malicious code out of the database—was stripping out my YouTube and Vimeo embeds in a custom metabox I had created.
Fortunately, WordPress provides a filter you can use to add additional allowed tags.
For something like videos that are likely to end up in your content, it’s better to include this sort of thing in a plugin so that you don’t lose your content if you change themes.
So, I created one. You can grab Allow iFrames on GitHub.