[#30329] - [3.x] Update TinyMCE
- Fixed in Code Base
- 15 Aug 2020
- Medium
- Build: staging
- # 30329
- Diff
- SniperSister:3x-tinymceupdate
User tests: Successful: Unsuccessful:
Summary of Changes
This PR updates tinymce to version 4.5.12 - this is the highest version we can include in Joomla 3 due to browser support.
It also fixes numerous security issues.
Changelog:
Fixed so links with xlink:href attributes are filtered correctly to prevent XSS. #TINY-1626
Fixed the selection.setContent() API not running parser filters #TINY-4002
Fixed the visualchars plugin converting HTML-like text to DOM elements in certain cases #TINY-4507
Fixed HTML comments incorrectly being parsed in certain cases #TINY-4511
Fixed a security issue related to CDATA sanitization during parsing #TINY-4669
Fixed content in an iframe element parsing as dom elements instead of text content #TINY-5943
| Status | New | ⇒ | Pending |
joomla-cms-bot
- | Category | ⇒ | JavaScript External Library Front End Plugins |
is the admin-item-edit js supposed to be here?
| Labels |
Added:
?
|
||
@brianteeman whoops, good catch, fixed
I have tested this item
Looks good to me, thanks @SniperSister
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/30329.
I have tested this item
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/30329.
| Status | Pending | ⇒ | Ready to Commit |
RTC
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/30329.
| Status | Ready to Commit | ⇒ | Fixed in Code Base |
| Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2020-08-15 20:47:01 |
| Closed_By | ⇒ | wilsonge | |
| Labels |
Added:
?
|
||
Thanks guys!
/cc @joomla/security