Jump to:

17488 Posts in 4473 Topics by 1978 members

Archive

SilverStripe Forums » Archive » What attributes should we allow in the WYSIWYG editor?

Our old forums are still available as a read-only archive.

Moderators: martimiz, Howard, Sean, Ryan M., biapar, Willr, Ingo, simon_w

Page: 1
Go to End
Author Topic: 2397 Views
  • Sam
    Avatar
    Administrator
    677 Posts

    What attributes should we allow in the WYSIWYG editor? Link to this post

    11 June 2007 at 2:12pm

    We sometimes get clients who want to set up basic javascript functionality in CMS-managed content.

    For example, people may want to put an onclick handler on an A tag. Currently the WYSIWYG editor strips them out.

    What are the risks of failing to strip out onclick events from content entered into the CMS?

  • mandrew
    Avatar
    Core Development Team
    29 Posts

    Re: What attributes should we allow in the WYSIWYG editor? Link to this post

    11 June 2007 at 6:02pm

    I think it would be good if there was a flag which could be set by the admin which allows control of this. By default this "enforce clear code" option should be on.

  • sagencreative
    Avatar
    Community Member
    5 Posts

    Re: What attributes should we allow in the WYSIWYG editor? Link to this post

    27 May 2008 at 10:57am

    Is there any progress towards this end? Skype buttons are really cool on contact pages, and it would be nice not to have to do any hacking to allow onclick in the tag.

    Silverstripe is wonderful! Thanks for all your hard work.

    2397 Views
Page: 1
Go to Top

Want to know more about the company that brought you SilverStripe? Then check out SilverStripe.com

Comments on this website? Please give feedback.