User tests: Successful: Unsuccessful:
This PR updates tinymce to version 4.5.12 - this is the highest version we can include in Joomla 3 due to browser support.
It also fixes numerous security issues.
Changelog:
Fixed so links with xlink:href attributes are filtered correctly to prevent XSS. #TINY-1626
Fixed the selection.setContent()
API not running parser filters #TINY-4002
Fixed the visualchars
plugin converting HTML-like text to DOM elements in certain cases #TINY-4507
Fixed HTML comments incorrectly being parsed in certain cases #TINY-4511
Fixed a security issue related to CDATA sanitization during parsing #TINY-4669
Fixed content in an iframe element parsing as dom elements instead of text content #TINY-5943
Status | New | ⇒ | Pending |
Category | ⇒ | JavaScript External Library Front End Plugins |
is the admin-item-edit js supposed to be here?
Labels |
Added:
?
|
@brianteeman whoops, good catch, fixed
I have tested this item
Looks good to me, thanks @SniperSister
I have tested this item
Status | Pending | ⇒ | Ready to Commit |
RTC
Status | Ready to Commit | ⇒ | Fixed in Code Base |
Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2020-08-15 20:47:01 |
Closed_By | ⇒ | wilsonge | |
Labels |
Added:
?
|
Thanks guys!
/cc @joomla/security