[#9993] - Implement the global text filter settings to the Tiny MCE editor
- Fixed in Code Base
- 2 May 2016
- Medium
- Build: staging
- # 9993
- Diff
- chmst:Tiny_Textfilter
- Pending continuous-integration/travis-ci/pr The Travis CI build is in progress Details
User tests: Successful: Unsuccessful:
Summary of Changes
At the moment, the filter settings for HTML tags and attributes in the Tiny MCE are completly independent from the Joomla! settings (=> Global Configuration). So it's possible, that elements are allowed in the Tiny MCE but are forbidden in the Joomla! filter or vice versa.
With this patch it's possible to ignore the Tiny MCE settings and use the Joomla! settings to have the exact same filter rules and no variance. Special advantage: with this new function it's possible to define the rules for each user group!
Testing Instructions
- You need at least one user who is not super user
- In global configuration define textfilter for the usergroup the user belongs to, as for example set White list and allow the tag iframe and the attribute background.
Login as this user and write a new article which contains an iframe. Save the article and the iframe disappears if it is denied in TinyMCE.
Apply the patch
- In the TinyMCE Plugin set the new Param "use Joomla textfilters" to on.
- Login again as the user and write a new article containig an iframe and a style baykground
- For this user, iframe and background will remain
- Now play around and test some combinations, allowing and denying different tags or attributes to different user groups
| Status | New | ⇒ | Pending |
| Labels |
Added:
?
?
|
||
| Labels | |||
| Category | ⇒ | External Library Language & Strings Plugins |
| Labels |
Added:
?
|
||
| Milestone |
Added: |
||
hmm maybe I'm worng but i'm unable to add a script tag bevor and after the patch.
I'm super user without any filter resctrictions.
I did try to insert this piece of code via the "html code / source code" field from the tinyMCE:
<div>foo</div>
<script>
document.write('<div>Print this after the script tag</div>');
</script>
<div>bar</div>And after i'd want to save it the script tag was removed.
But this happen before and after the patch.
The iframe thing is working perfect in frontend and backend looks good to me 
Thank you, you are right. The tiny has it's own whitelist. I take this whitelist now additional to the text-filter.
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/9993.
I have tested this item 
successfully on b3f83ea
Works now. Thanks @chmst I can't wait that 3.6 with this feature is be released very usefull.
@brianteeman are you ok with the language strings?
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/9993.
I have tested this item successfully on b3f83ea
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/9993.
This PR has received new commits.
CC: @bembelimen, @zero-24
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/9993.
@brianteeman the last commit was just a one line cs change: 8f44c4b can we RTC than here based on the tests by @bembelimen and me? Thanks @chmst !
| Status | Pending | ⇒ | Ready to Commit |
| Labels | |||
| Labels |
Added:
?
|
||
This PR has received new commits.
CC: @bembelimen, @zero-24
This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/9993.
| Status | Ready to Commit | ⇒ | Fixed in Code Base |
| Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2016-05-02 11:47:23 |
| Closed_By | ⇒ | rdeutz |
| Labels |
Removed:
?
|
||
@chmst Please alpha-order the language strings.