Hello,
You seem to be encountering the same issue we are.
The default WordPress stripping (from what I have read) that occurs on a Multisite Installation for all users EXCEPT the Network Super Admin is what we are seeking to modify for selected users. https://codex.www.ads-software.com/Roles_and_Capabilities
https://www.ads-software.com/extend/plugins/filtered-html-for-editors/faq/
I am seeking to give administrators and authors on each subsite the ability to embed iframes. Or I would create a special role with a role manger plugin and assign that role to all approved users but that seems a bit labor intensive.
However, it does work to create a new role with the plugin Extended Super Admins By Curtiss Grymala and adding the unfiltered html privilege to that new role and then assigning it to the users who need iframe embed capabilities.
On our installation, a user must FIRST be set as a SUPER ADMIN and THEN assigned the new role created in the Extended Super Admin plugin. The plugin only REMOVES Super Admin privileges from roles created. Failure to set a user as Super Admin FIRST can cause a server crash when directly selecting the new role for a user who is not set as a Super Admin.
Other solutions suggested are the two year old plugin “Unfiltered MU” (which many report ceased working at 3.0), and an old unsupported WPMUDEV plugin called Additional Tags that let site owners define additional tags users could use in HTML markup. https://premium.wpmudev.org/forums/topic/additional-tags-plugin
Also hacking the kses was suggested (but highly advised against) and then of course there are all the plugins that use oEmbed to insert videos from trusted sources, toolbar video and media embed buttons like those on Ultimate TinyMCE and adding additional trusted oEmbed sources to functions.php.
Adding additional trusted sources could cover some instances but not all and the modified file would get overwritten with a WP upgrade, sooooooo
https://codex.www.ads-software.com/Embeds
Our WP Network is semi-private and users are verified, so I am interested in allowing users of a trusted role to embed unfiltered HTML (specifically iframe content) from whatever source they want.
I grasp the security issues involved and I would think that a TinyMCE editor plugin or a dedicated special plugin would exist to manage this without requiring shortcode wrappers for iframes, but perhaps I am looking at this wrong and that is the best solution.
The goal is simple, – on a WP Multisite installation with trusted users, grant selected user roles (primarily subsite admins) the ability in the editor to embed unfiltered HTML so that switching between visual and HTML in the editor does not strip out iframes, etc.
Phil D
