iframe is stripped in MOSSRadEditor but not in RadHtmlField

8 posts, 0 answers
  1. Stig Perez
    Stig Perez avatar
    5 posts
    Member since:
    Jan 2008

    Posted 18 Jan 2008 Link to this post

    I have a SPWeb using both the MOSSRadEditor and RadHtmlField implementation and for some reason any iframe or script tag is stripped when publishing pages using the MOSSRadEditor, but not the RadHtmlField.

    This is how they are implemented:

    <radE:RadHtmlField runat="server" id="_migidBodyText" FieldName="MyFieldName" AllowSpecialTags="true">  
     
    <radE:MOSSRadEditor runat="server" id="HomeCellHtml" AllowScripts="true" UseEmbeddedScripts="true" /> 

    and this is the property used in ConfigFile.xml:

    <property name="AllowScripts">True</property> 

    The type of field "MyFieldName" is "Publishing HTML", which will accept iframe and script tags if you select "Save and Stop Editing" instead of checking in or publishing the page. But with the MOSSRadEditor nothing works. The RadHtmlField is used directly on the page layout, while the MOSSRadEditor is used on a user control, referenced by the page layout.

    Am I missing something here? Why does this only work with the RadHtmlField and not the MOSSRadEditor?
  2. Georgi Tunev
    Admin
    Georgi Tunev avatar
    7207 posts

    Posted 18 Jan 2008 Link to this post

    Hi Stig Perez,

    The MOSSRadEditor control does not modify the content in any way - it works just like the classic RadEditor for ASP.NET.
    At this point we are not sure what the reason for the problem might be and we suggest to debug your application and see how the content is saved from the MOSSRadEditor - you can check its Content property for that purpose. The content passed from the MOSSRadEditor should contain the full Html code that you are inserting.


    Please let us know how this goes.



    Sincerely yours,
    Georgi Tunev
    the Telerik team

    Instantly find answers to your questions at the new Telerik Support Center

  3. Stig Perez
    Stig Perez avatar
    5 posts
    Member since:
    Jan 2008

    Posted 18 Jan 2008 Link to this post

    The debug session indicated that the correct field value is preserved all the way through the call to UpdateFieldValueInItem, right until the page is reloaded. This means that the field restriction is handled by SharePoint, which would make sense since the editor is not bound to a specific field as with RadHtmlField.

    But since I'm using the RadEditor in a generic webcontrol which again is used several places on my page layout, I can't bind it to a specific list item field. So I have to use the MOSSRadEditor and manually update the field when the page is published.
  4. Stig Perez
    Stig Perez avatar
    5 posts
    Member since:
    Jan 2008

    Posted 04 Feb 2008 Link to this post

    Any news on this matter?
  5. Georgi Tunev
    Admin
    Georgi Tunev avatar
    7207 posts

    Posted 05 Feb 2008 Link to this post

    Hello Stig,

    What we can suggest in your case is to use the latest version of our control where we have made the functions that encode and decode the content public.

    You can encode the content before save and decode it before sending it on the client, e.g:
    string encodedContent = Telerik.SharePoint.EditorTools.EscapeSpecialTags(content);
    string content = Telerik.SharePoint.EditorTools.UnEscapeSpecialTags(encodedContent);



    Note that if you do not decode the content when you display it, only the encoded tags will not be displayed - e.g. the IFRAME will not be visible for the client, but the rest of the content will be.



    Sincerely yours,
    Georgi Tunev
    the Telerik team

    Instantly find answers to your questions at the new Telerik Support Center
  6. Eric
    Eric avatar
    5 posts
    Member since:
    Apr 2008

    Posted 23 Apr 2008 Link to this post

    Hi,

    I try to use the method Telerik.SharePoint.EditorTools.EscapeSpecialTags, but the class "EditorTools" is "Private", so i'm not able to use the "EscapeSpecialTags" Method.

    I'm using the MOSS version of RadEditor 4.50 (01/31/2007).

    Can you help me?

    Thank.
  7. Stig Perez
    Stig Perez avatar
    5 posts
    Member since:
    Jan 2008

    Posted 24 Apr 2008 Link to this post

    Hi Eric,

    Unfortunately, I ended up using HtmlEncode and HtmlDecode on the field value on save and on load. I know this is not the best solution, but upgrading the RADEditor was not an option for me, since the environment in which the webapplication resides is shared among several other webapplications and I have no means of control with that environment.
  8. Lini
    Admin
    Lini avatar
    2144 posts

    Posted 24 Apr 2008 Link to this post

    Hi Eric,

    Here is the code for the escape/unescape functions. You can add it in your code for now. I will make sure that the EditorTools class in not private in the next MOSS release.

    private static string DecodeString(string nodeContent)  
    {  
        try 
        {  
            byte[] byteContent = Convert.FromBase64String(nodeContent);  
            string b64Content = System.Text.Encoding.UTF8.GetString(byteContent);  
            return b64Content;  
        }  
        catch (Exception)  
        {  
            return nodeContent;  
        }  
    }  
     
    public static string UnEscapeSpecialTags(string html)  
    {  
        MatchEvaluator meTags = new MatchEvaluator(DecodeMatch);  
        string fixedHtml = Regex.Replace(html, "<pre\\s+(style=\"display\\s*:none\"\\s*)?id=\"?RadEditorEncodedTag\"?[^>]*>([^<]+)</pre>", meTags, RegexOptions.IgnoreCase | RegexOptions.Multiline | RegexOptions.ECMAScript);  
        return fixedHtml;  
    }  
     
    private static string DecodeMatch(Match m)  
    {  
        return DecodeString(m.Groups[2].Value);  
    }  
     
    public static string EscapeSpecialTags(string html)  
    {  
        //tags to replace- currently scripts,flash, and media  
        string tagsToReplace = "object|script|embed|iframe";  
        MatchEvaluator meTags = new MatchEvaluator(EncodeMatch);  
        string fixedHtml = Regex.Replace(html, string.Format(@"<({0})[^>]*>[\s\S]*</\1>", tagsToReplace), meTags, RegexOptions.IgnoreCase | RegexOptions.Multiline | RegexOptions.ECMAScript);  
        fixedHtml = Regex.Replace(fixedHtml, string.Format(@"<({0})[^>]*\/?>", tagsToReplace), meTags, RegexOptions.IgnoreCase | RegexOptions.Multiline | RegexOptions.ECMAScript);  
        return fixedHtml;  
    }  
     
    private static string EncodeString(string nodeContent)  
    {  
        try 
        {  
            byte[] byteContent = System.Text.Encoding.UTF8.GetBytes(nodeContent);  
            string b64Content = Convert.ToBase64String(byteContent);  
            return b64Content;  
        }  
        catch (Exception)  
        {  
            return nodeContent;  
        }  
    }  
     
    private static string EncodeMatch(Match m)  
    {  
        return String.Format("<pre style=\"display:none\" id=\"RadEditorEncodedTag\">{0}</pre>", EncodeString(m.Groups[0].Value));  


    Best wishes,
    Lini
    the Telerik team

    Instantly find answers to your questions at the new Telerik Support Center
Back to Top