Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

General Questions /

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

[SOLVED] allowing <script>-tags in Richtext editor fields


Reply


2 Posts   333 Views

Avatar
soliddealer

Community Member, 5 Posts

8 November 2013 at 9:53pm

Hi,

I'm trying to paste <script> var foo = 'foo' </script> into a Tiny-MCE Editor field (Silverstripe 3.1.).
I know this isn't best practice, but I need a quickndirty solution for this specific problem.

I've tried a lot, e.g. to overwrite valid_elements:

HtmlEditorConfig::get('cms')->setOption('extended_valid_elements', "*

  • ");
    HtmlEditorConfig::get('cms')->setOption('verify_html', 'false'); // turn off html validation

This works and script-tags left in HTML-Code (results into: <script type="text/javascript">// <![CDATA[ var foo = 'foo'; // ]]></script>), but after "Save & publish" all <script></script> is gone and "cleaned" somehow (by the way, same result for <style>).

Could someone give me a hint, what cleaning-method is used here?

Thanks in advance

boo

Avatar
soliddealer

Community Member, 5 Posts

10 November 2013 at 2:28am

OK, solved it with a ShortcodeParser which parses my content:

In _config.php:

ShortcodeParser::get('default')->register('myscript', array('Page_Controller', 'ScriptParser'));

In Page_Controller (Page.php):

public static function ScriptParser ($arguments, $myscriptcontent, $parser, $shortcode) {
   return '<script>'.$myscriptcontent.'</script>';
}

Example code in Tiny-MCE editor:
[myscript]alert('foo')[/myscript]

Hope, this helps someone else...

regards
solid