The gform_sanitize_confirmation_message filter in Gravity Forms is used to sanitize the complete confirmation message just before outputting to the page. All scripts will be removed.
Usage
add_filter('gform_sanitize_confirmation_message', 'your_function_name');
Parameters
- $sanitize_confirmation_message (bool): The confirmation message. Default: false.
More information
See Gravity Forms Docs: gform_sanitize_confirmation_message
Examples
Turn on sanitization
add_filter('gform_sanitize_confirmation_message', '__return_true');
Remove HTML tags from the confirmation message
function strip_html_tags($confirmation_message) { return strip_tags($confirmation_message); } add_filter('gform_sanitize_confirmation_message', 'strip_html_tags');
Remove specific HTML tags from the confirmation message
function strip_specific_tags($confirmation_message) { return preg_replace('#</?(script|style|iframe)[^>]*>#is', '', $confirmation_message); } add_filter('gform_sanitize_confirmation_message', 'strip_specific_tags');
Encode HTML entities in the confirmation message
function encode_html_entities($confirmation_message) { return htmlentities($confirmation_message, ENT_QUOTES, 'UTF-8'); } add_filter('gform_sanitize_confirmation_message', 'encode_html_entities');
Add custom sanitization using a callback function
function custom_sanitization($confirmation_message) { // Your custom code here to sanitize the confirmation message return $confirmation_message; } add_filter('gform_sanitize_confirmation_message', 'custom_sanitization');