?
avatar FCPeggy
FCPeggy
13 Jan 2017

Global Configuration / Text Filters / SuperUser - set to "No Filtering"
Text editor keeps stripping html code even though NO FILTERING is set.
Is this a known issue / bug?

Votes

# of Users Experiencing Issue
1/1
Average Importance Score
5.00

avatar FCPeggy FCPeggy - open - 13 Jan 2017
avatar joomla-cms-bot joomla-cms-bot - labeled - 13 Jan 2017
avatar zero-24
zero-24 - comment - 15 Jan 2017

Can you confirm that it is the TinyMCE? Please confirm the settings of the plugin where you can enable that.

avatar FCPeggy
FCPeggy - comment - 15 Jan 2017

Hi,
Yes it is TinyMCE with the text filter set to off for Superadmin level.
Do you need anything more?
I am using Joomla 3.6.5.
Thank you,
Peggy

On 15 January 2017 at 08:47, zero-24 notifications@github.com wrote:

Can you confirm that it is the TinyMCE? Please confirm the settings of the
plugin where you can enable that.


You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
#13581 (comment),
or mute the thread
https://github.com/notifications/unsubscribe-auth/AX8MQ_XHHSEk4DrBwldMGesQzb3kysOGks5rSiNrgaJpZM4Li67D
.

avatar richard67
richard67 - comment - 16 Jan 2017

It possibly also needs to remove html elements (e.g. iframe, if you need that) from the "Prohibited Elements" value and add some to the "Extended Valid Elements" value in the TinyMCE plugin's settings.

For example I have following defined as extended valid elements:

a[class|id|title|href|hreflang|rel|target|type|onclick|style],audio[class|id|title|preload|autoplay|controls],div[class|id|itemprop|itemscope|itemtype|style],img[class|id|itemprop|src|border|alt|title|hspace|vspace|width|height|align|onmouseover|onmouseout|name|style],meta[class|id|itemprop|content],source[class|id|src|type],span[class|id|itemprop|style],track[class|id|default|kind|label|src|srclang],video[class|id|title|poster|preload|autoplay|controls|width|height]

Unfortunately you have to define all allowed properties of a tag again if you add it to the extended valid elements, even ig these properties would not have been stripped off before (e.g. img[class|id|...]) just if you want to allow an additional property (e.g. itemprop) for an image.

For more information, just do a web search for "tinymce extended valid elements".


This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/13581.

avatar FCPeggy
FCPeggy - comment - 16 Jan 2017

Hi, I am not at your skill level.

My issue is that this did not happen in previous builds and now it is. It
should not need this type of adjustment for everyone using Joomla 3.6.5 for
web design.

Will there be a fix to this in 3.7?

Is this a bug and should it not be treated as a bug for version 3.6.5?

I appreciate your help.
Cheers,
Peggy

On 16 January 2017 at 14:11, Richard Fath notifications@github.com wrote:

It possibly also needs to remove html elements (e.g. iframe, if you need
that) from the "Prohibited Elements" value and add some to the "Extended
Valid Elements" value in the TinyMCE plugin's settings.

For example I have following defined as extended valid elements:

a[class|id|title|href|hreflang|rel|target|type|
onclick|style],audio[class|id|title|preload|autoplay|
controls],div[class|id|itemprop|itemscope|itemtype|
style],img[class|id|itemprop|src|border|alt|title|hspace|
vspace|width|height|align|onmouseover|onmouseout|name|
style],meta[class|id|itemprop|content],source[class|id|src|
type],span[class|id|itemprop|style],track[class|id|default|
kind|label|src|srclang],video[class|id|title|poster|preload|
autoplay|controls|width|height]

Unfortunately you have to define all allowed properties of a tag again if
you add it to the extended valid elements, even ig these properties would
not have been stripped off before (e.g. img[class|id|...]) just if you want
to allow an additional property (e.g. itemprop) for an image.

For more information, just do a web search for "tinymce extended valid
elements".

This comment was created with the J!Tracker Application
https://github.com/joomla/jissues at issues.joomla.org/tracker/
joomla-cms/13581.


You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
#13581 (comment),
or mute the thread
https://github.com/notifications/unsubscribe-auth/AX8MQxShgAa-gHvPyjAbCNKVpoLpnJ1Vks5rS8DMgaJpZM4Li67D
.

avatar franz-wohlkoenig
franz-wohlkoenig - comment - 5 Feb 2017

Test on: Joomla! 3.7.0-latest staging, TinyMCE-Options: Use Joomla Text Filter: On, Global Options: Text Filters > Super users: No Filtering.

<italic> became in Source-Code &lt;italic&gt;, using Buttons works.

avatar Dweezledap
Dweezledap - comment - 15 Feb 2017

I'm having the same issue. It does not matter whether I use JCE, TinyMCE, or no editor. My admin directory is password protected and I'm the only person using the backend. Where could I find this in the source code to make a temporary change? The only other option I can think of is to add the code directly to the database.

Update:
After playing with this for awhile I discovered it is not Joomla but Phoca Download that is filtering out my code.

avatar nibra nibra - change - 24 Mar 2017
Category Administration com_content
avatar nibra nibra - change - 24 Mar 2017
Priority Urgent Medium
Status New Needs Review
avatar brianteeman
brianteeman - comment - 21 May 2017

@franz-wohlkoenig that will always happen if you enter code in wysiwyg view. Plus thats not a real tag so it will probably be stripped and replaced with a p tag anyway

avatar AboQusai
AboQusai - comment - 10 Jun 2017

Well, let me talk frankly. I have been searching all over to solve this issue but with no success.
One critical thing I would like to say. It is for security of the website all of this strong stand against the HTML tags was taken. However, trying to solve this issue from our side has in fact harmed the security of the website a lot because we tried to loosen every possible restriction in order to see our Iframe works.

avatar zero-24
zero-24 - comment - 10 Jun 2017

However, trying to solve this issue from our side has in fact harmed the security of the website a lot because we tried to loosen every possible restriction in order to see our Iframe works.

But this sounds like you fond the solution now?

avatar AboQusai
AboQusai - comment - 10 Jun 2017

Absolutely not. I think no solution is available. I have went through many documents and reached a confidence that this is simply not allowed for the current version 3.7.2 (or it might be a bug?).

avatar AboQusai
AboQusai - comment - 10 Jun 2017

By the way, it has nothing to do with Editor Type you choose. It applies to all editors including the (none). Accordingly, it is linked to Joomla itself.

avatar pjkundert
pjkundert - comment - 10 Jul 2017

This is still happening in Joomla 3.7.3, with TinyMCE. Both TinyMCE and Global configurations have been confirmed to allow iframe. This seems like a serious defect.

avatar brianteeman
brianteeman - comment - 10 Jul 2017

I can not confirm that.

Test 1

I set the tinymce plugin to "Use Joomla Text Filter"
and then with a superuser which has the default setting of "No filtering" set in the global configuration I was able to insert and save an iframe as expected

Test 2

I set the tinymce plugin to NOT "Use Joomla Text Filter" (which is the default)
and then I remove iframe from the list of "Prohibited Elements"
I was able to insert and save an iframe as expected

avatar pjkundert
pjkundert - comment - 18 Jul 2017

It appears to be limited to the editor (TinyMCE, in my case); I was able to add the iframe only by disabling the editor (setting the Global "Default Editor" to Editor - None).

avatar brianteeman
brianteeman - comment - 25 Dec 2017

There is no bug

What you are probably NOT doing is setting the tinymce option "use joomla text filter" to off for the correct (or all groups). The options are set per group. eg by default we have groups 1, 2 and 3.

Closed as not a bug

avatar brianteeman brianteeman - close - 25 Dec 2017
avatar brianteeman brianteeman - change - 25 Dec 2017
Status Needs Review Closed
Closed_Date 0000-00-00 00:00:00 2017-12-25 15:16:10
Closed_By brianteeman

Add a Comment

Login with GitHub to post a comment