Hi,
I've added the following property in my config file to forbid javascript code in the RADEditor:
I've noticed the following:
- an "onclick" attribute of a href in a "page content" where the telerik editor is activated, is stripped out when saving the page.
- an "onclick" attribute of a href in a "Telerik RADeditor webpart", is not stripped out when saving the page.
How can I forbid the onclick attribute in a RADeditor webpart? I want it to be stripped out as well in the webpart.
Kind regards,
Jean
I've added the following property in my config file to forbid javascript code in the RADEditor:
<property name="AllowScripts">False</property>I've noticed the following:
- an "onclick" attribute of a href in a "page content" where the telerik editor is activated, is stripped out when saving the page.
- an "onclick" attribute of a href in a "Telerik RADeditor webpart", is not stripped out when saving the page.
How can I forbid the onclick attribute in a RADeditor webpart? I want it to be stripped out as well in the webpart.
Kind regards,
Jean
3 Answers, 1 is accepted
0
Hello Jean,
The AllowScripts property is not related to elements attributes but the <script> tags in the content. What you can do is create your own content filter, which will strip the onclick attributes from the elements. Review the following online help articles:
http://www.telerik.com/help/aspnet-ajax/contentfilters.html
http://www.telerik.com/help/aspnet-ajax/set-properties-via-config-file.html
Also check the following online demo
http://demos.telerik.com/aspnet-ajax/editor/examples/contentfilters/defaultcs.aspx
Kind regards,
Stanimir
the Telerik team
Check out Telerik Trainer, the state of the art learning tool for Telerik products.
The AllowScripts property is not related to elements attributes but the <script> tags in the content. What you can do is create your own content filter, which will strip the onclick attributes from the elements. Review the following online help articles:
http://www.telerik.com/help/aspnet-ajax/contentfilters.html
http://www.telerik.com/help/aspnet-ajax/set-properties-via-config-file.html
Also check the following online demo
http://demos.telerik.com/aspnet-ajax/editor/examples/contentfilters/defaultcs.aspx
Kind regards,
Stanimir
the Telerik team
Check out Telerik Trainer, the state of the art learning tool for Telerik products.
0
Jean
Top achievements
Rank 1
Rank 1
answered on 06 Dec 2010, 03:58 PM
Thank you for your prompt answer.
But how come that it works in the page content but NOT in the webpart ?
If this is Sharepoint behavior, can I have the same behavior for the telerik webpart ?
Kind regards,
Jean
But how come that it works in the page content but NOT in the webpart ?
If this is Sharepoint behavior, can I have the same behavior for the telerik webpart ?
Kind regards,
Jean
0
Hi Jean,
In WCM scenario when the content is send to the server there are SharePoint content filters, which are modifying it before it is saved in the database. These filters are stripping the onclick attribute. In WebPart scenario the WebPart it self is responsible for saving the content and there are no additional filters, which are applied on the submitted HTML code. This is the reason why if you want to make modifications in the code you need to this on the client and the way to achieve it is adding a custom content filter to RadEditor.
Greetings,
Stanimir
the Telerik team
Check out Telerik Trainer, the state of the art learning tool for Telerik products.
In WCM scenario when the content is send to the server there are SharePoint content filters, which are modifying it before it is saved in the database. These filters are stripping the onclick attribute. In WebPart scenario the WebPart it self is responsible for saving the content and there are no additional filters, which are applied on the submitted HTML code. This is the reason why if you want to make modifications in the code you need to this on the client and the way to achieve it is adding a custom content filter to RadEditor.
Greetings,
Stanimir
the Telerik team
Check out Telerik Trainer, the state of the art learning tool for Telerik products.