Title: Safe Paste
Author: Samuel Aguilera
Published: <strong>22 Setember 2012</strong>
Last modified: 10 Avril 2020

---

Search plugins

This plugin **hasn’t been tested with the latest 3 major releases of WordPress**.
It may no longer be maintained or supported and may have compatibility issues when
used with more recent versions of WordPress.

![](https://s.w.org/plugins/geopattern-icon/safe-paste.svg)

# Safe Paste

 By [Samuel Aguilera](https://profiles.wordpress.org/samuelaguilera/)

[Download](https://downloads.wordpress.org/plugin/safe-paste.1.1.9.zip)

 * [Details](https://lmo.wordpress.org/plugins/safe-paste/#description)
 * [Reviews](https://lmo.wordpress.org/plugins/safe-paste/#reviews)
 *  [Installation](https://lmo.wordpress.org/plugins/safe-paste/#installation)
 * [Development](https://lmo.wordpress.org/plugins/safe-paste/#developers)

 [Support](https://wordpress.org/support/plugin/safe-paste/)

## Description

WordPress do a great job by default filtering potentially dangerous code inside 
your content. So this plugin is NOT about security.

But people can break your site design without compromising your security… That’s
the purpose of this little plugin.

Do you have users that creates content for you?. Do you own an online Magazine?

If you answer yes to at least one of the above questions, I’m sure you have minor
design troubles in your site because of your users using copy/paste (ofcourse without
using TinyMCE buttons to remove code) while not being aware of all the HTML tags
they are pasting…

This plugin simply removes a lot of HTML tags (and non breaking space HTML entitie)
from post and page content before inserting it to database. Preventing users (including
you) to paste undesired HTML tags to the content.

It only does his work while you’re editing your post/page (it can be in any status).
So it’ll do the job on the new post/pages you create after the activation of the
plugin and in old content that you edit after the plugin activation.

These are the HTML tags that stays:

<p>
 <a> (allowed attributes: href, title). <img> (allowed attributes: src, alt,
class). <h1> <h2> <h3> <h4> <h5> <h6> <blockquote> <ol> <ul> <li> <em> <strong> 
<del> <code> <ins>

Any other HTML tag (or attributes) and &nbsp; (non breaking space) should be removed.

Users with ‘unfiltered_html’ WP core capability (by default administrator and editor
roles), will be excluded from the filter.

**NOTE: This program is distributed under [GPL2](http://www.gnu.org/licenses/gpl-2.0.html)
licence in the hope that it will be useful, but WITHOUT ANY WARRANTY. I’m not responsible
of ANY trouble or damage your site may have due to the use of this plugin. YOU and
only YOU are responsible of your site and having backups and restoration plans. 
If you use this plugin you’re accepting this.**

#### Features

 * [KISS](http://en.wikipedia.org/wiki/KISS_principle) philosofy 🙂

#### Requirements

 * WordPress 4.x or higher.

## Installation

 * Extract the zip file and just drop the contents in the `wp-content/plugins/` 
   directory of your WordPress installation (or install it directly from your dashboard)
   and then activate the plugin from Plugins page.
 * Nothing more! No settings page (for the moment), just activate or deactivate 
   it.

## FAQ

  Will this plugin works in WordPress older than 4.x?

Maybe… But the question is… WTF are you using anything older than that?

  I would like to customize the allowed tags and protocols

Starting from Safe Paste 1.1.7 you can use the filters safepaste_allowed_tags and
safepaste_allowed_protocols to add a snippet to your theme functions.php file (or
[create a child theme](https://codex.wordpress.org/Child_Themes)).

The format used to pass the tags and protocols is the same that uses the [wp_kses() function](https://codex.wordpress.org/Function_Reference/wp_kses).

Examples:

    ```
    add_filter( 'safepaste_allowed_tags', 'my_custom_tags');

    function my_custom_tags( $allowed_tags ) {

    //Add <b> to allowed tags
    $allowed_tags['b'] = array();

    return $allowed_tags;

    }

    add_filter( 'safepaste_allowed_protocols', 'my_custom_protocols');

    function my_custom_protocols( $allowed_protocols ) {

    //Add ftp to allowed protocols
    $allowed_protocols[] = 'ftp';

    return $allowed_protocols;

    }
    ```

  I want Safe Paste to take care also of my custom post type

By default only ‘post’ and ‘page’ post types are filterd by Safe Paste. But you 
can use the safepaste_post_types filter to set modify this.

Example:

    ```
    add_filter( 'safepaste_post_types', 'my_custom_post_types');

    function my_custom_types( $types_to_filter ) {

    //Add book post type
    $types_to_filter[] = 'book';

    return $types_to_filter

    }
    ```

## Reviews

![](https://secure.gravatar.com/avatar/0aaf151b061e075f5ce5ba2e079344180d206d528a4a29b86c6c175eb7526cc4?
s=60&d=retro&r=g)

### 󠀁[Please update the good plugin.](https://wordpress.org/support/topic/please-update-the-good-plugin/)󠁿

 [elitdom](https://profiles.wordpress.org/elitdom/) 12 Fevrer 2019

Please update the good plugin.

![](https://secure.gravatar.com/avatar/96e674337855b303ae3203c9df20d40d817a30029aec5ab457ab916eeac748c8?
s=60&d=retro&r=g)

### 󠀁[Excellent](https://wordpress.org/support/topic/excellent-3297/)󠁿

 [net](https://profiles.wordpress.org/krstarica/) 03 Setember 2016

Works nice.

 [ Read all 5 reviews ](https://wordpress.org/support/plugin/safe-paste/reviews/)

## Contributors & Developers

“Safe Paste” is open source software. The following people have contributed to this
plugin.

Contributors

 *   [ Samuel Aguilera ](https://profiles.wordpress.org/samuelaguilera/)

[Translate “Safe Paste” into your language.](https://translate.wordpress.org/projects/wp-plugins/safe-paste)

### Interested in development?

[Browse the code](https://plugins.trac.wordpress.org/browser/safe-paste/), check
out the [SVN repository](https://plugins.svn.wordpress.org/safe-paste/), or subscribe
to the [development log](https://plugins.trac.wordpress.org/log/safe-paste/) by 
[RSS](https://plugins.trac.wordpress.org/log/safe-paste/?limit=100&mode=stop_on_copy&format=rss).

## Changelog

#### 1.1.9

 * Improved code syntax to make it 100% compliant with WordPress Coding Standards.
   This doesn’t represent any change in the plugin functionality, it’s just cosmetic.

#### 1.1.8

 * Minor code change to get the post ID directly from $postarr
 * Some code formatting cleanup

#### 1.1.7

 * Checks for ‘unfiltered_html’ WP core capability to exclude certain users/roles
   from the cleanup.
 * Added filter safepaste_post_types to set the post types where the cleanup will
   take place, by default is applied to post and pages.
 * Added filter safepaste_allowed_tags to allow customization of the allowed tags.
 * Added filter safepaste_allowed_protocols to allow customization of the allowed
   protocols.
 * Added code tag to allowed HTML tags.

#### 1.1.2

 * Replaced function that removes all HTML entities with a previous one that only
   removes &ampnbsp; (non breaking space) to fix issue reported at https://de.forums.
   wordpress.org/topic/wordpress-loscht-aus-links-von-aspx-seiten?replies=6#post-
   403093

#### 1.1.1

 * Changed: Allow ‘width’ and ‘height’ for img tag. This allow to resize images 
   in the WP editor.

#### 1.1

 * Changed: Now using WP function wp_kses instead of generic PHP strip_tags. This
   change also allow to use cforms plugin, that uses HTML comments to insert their
   forms (a very bad method by the way, should use shortcodes instead).
 * Added: Allow only http and https protocols in post/page content.

#### 1.0

 * Initial release.

## Meta

 *  Version **1.1.9**
 *  Last updated **6 years ago**
 *  Active installations **200+**
 *  WordPress version ** 4.0 or higher **
 *  Tested up to **5.4.19**
 *  Language
 * [English (US)](https://wordpress.org/plugins/safe-paste/)
 * Tags
 * [editor](https://lmo.wordpress.org/plugins/tags/editor/)[html](https://lmo.wordpress.org/plugins/tags/html/)
   [post content](https://lmo.wordpress.org/plugins/tags/post-content/)[strip tags](https://lmo.wordpress.org/plugins/tags/strip-tags/)
   [tinyMCE](https://lmo.wordpress.org/plugins/tags/tinymce/)
 *  [Advanced View](https://lmo.wordpress.org/plugins/safe-paste/advanced/)

## Ratings

 5 out of 5 stars.

 *  [  5 5-star reviews     ](https://wordpress.org/support/plugin/safe-paste/reviews/?filter=5)
 *  [  0 4-star reviews     ](https://wordpress.org/support/plugin/safe-paste/reviews/?filter=4)
 *  [  0 3-star reviews     ](https://wordpress.org/support/plugin/safe-paste/reviews/?filter=3)
 *  [  0 2-star reviews     ](https://wordpress.org/support/plugin/safe-paste/reviews/?filter=2)
 *  [  0 1-star reviews     ](https://wordpress.org/support/plugin/safe-paste/reviews/?filter=1)

[Add my review](https://wordpress.org/support/plugin/safe-paste/reviews/#new-post)

[See all reviews](https://wordpress.org/support/plugin/safe-paste/reviews/)

## Contributors

 *   [ Samuel Aguilera ](https://profiles.wordpress.org/samuelaguilera/)

## Support

Got something to say? Need help?

 [View support forum](https://wordpress.org/support/plugin/safe-paste/)

## Donate

Would you like to support the advancement of this plugin?

 [ Donate to this plugin ](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=H2KN258J2377Q)