Form Filters

This page documents filters for customizing form processing — from the action URL to the final email.

Filter	Description
`unblock/form/action`	Form action URL
`unblock/form/fields`	Sanitized form fields before email
`unblock/form/allowed_extensions`	Allowed file extensions for attachments
`unblock/form/email`	Email arguments before `wp_mail()`

form/action

Filter the form action URL injected into data-unbk-form forms.

apply_filters( 'unblock/form/action', string $action_url );

Parameter	Type	Description
`$action_url`	string	REST endpoint URL. Default: `rest_url( 'unblock/v1/form' )`

Example: Custom Endpoint

add_filter( 'unblock/form/action', function ( $action_url ) {

    return home_url( '/custom-form-handler/' );

} );

form/fields

Filter the sanitized form fields before the email is built.

apply_filters( 'unblock/form/fields', array $fields, Context $context );

Parameter	Type	Description
`$fields`	array	Sanitized field key-value pairs
`$context`	`\Unblock\Form\Context`	Form context

Example: Add Referer Field

add_filter( 'unblock/form/fields', function ( $fields, $context ) {

    $fields['submitted_from'] = $context->referer();

    return $fields;

}, 10, 2 );

form/allowed_extensions

Filter allowed file extensions for form attachments.

apply_filters( 'unblock/form/allowed_extensions', array $extensions, Context $context );

Parameter	Type	Description
`$extensions`	array	Default: `['jpg', 'jpeg', 'png', 'gif', 'webp', 'pdf', 'doc', 'docx']`
`$context`	`\Unblock\Form\Context`	Form context

Example: Allow ZIP and CSV

add_filter( 'unblock/form/allowed_extensions', function ( $extensions ) {

    $extensions[] = 'zip';
    $extensions[] = 'csv';

    return $extensions;

} );

Common mistake

Adding executable extensions like php, js, or exe here is a security risk. Only allow file types you actually need.

form/email

Filter all email arguments before sending via wp_mail().

apply_filters( 'unblock/form/email', array $email_args, Context $context );

Parameter	Type	Description
`$email_args`	array	Keys: `to`, `subject`, `body`, `headers`, `attachments`
`$context`	`\Unblock\Form\Context`	Form context

Example: Route by Referer

add_filter( 'unblock/form/email', function ( $args, $context ) {

    if ( str_contains( $context->referer(), '/careers' ) ) {
        $args['to'] = 'hr@example.com';
    }

    return $args;

}, 10, 2 );

Example: Add CC Header

add_filter( 'unblock/form/email', function ( $args, $context ) {

    $args['headers'][] = 'Cc: archive@example.com';

    return $args;

}, 10, 2 );

Next steps

Actions — form lifecycle hooks (form/processed, form/spam_detected)
Security filters — allowed form actions and HTML sanitization

form/action​

form/fields​

form/allowed_extensions​

form/email​

Next steps​

form/action

form/fields

form/allowed_extensions

form/email

Next steps