I am looking for some sort of example script to remove the bad stuff a user might put in the rad editor. For example, what is the script you use in this forums radeditor to prevent people from inserting bad tags such as embed, script, external js files, iframes or anything else that could screw stuff up?
thanks,
Dave
thanks,
Dave
4 Answers, 1 is accepted
0
Hi Dave,
By default, RadEditor strips all <script> tags placed in its content area.
If you need to strip any other tags you should redirect the pasted content to a hidden DIV element, clean the tags and supply the stripped content to the editor.
You can find attached an example demonstrating how to strip all images, script and iframe tags on paste into the editor's content area by using a hidden editable DIV element.
Kind regards,
Rumen
the Telerik team
Instantly find answers to your questions at the new Telerik Support Center
By default, RadEditor strips all <script> tags placed in its content area.
If you need to strip any other tags you should redirect the pasted content to a hidden DIV element, clean the tags and supply the stripped content to the editor.
You can find attached an example demonstrating how to strip all images, script and iframe tags on paste into the editor's content area by using a hidden editable DIV element.
Kind regards,
Rumen
the Telerik team
Instantly find answers to your questions at the new Telerik Support Center
0
Dave Wolf
Top achievements
Rank 1
Iron
answered on 03 Jul 2008, 02:39 PM
That seems to work pretty well in IE7, but I can't get it to work in Firefox 3. Any suggestions?
Thanks again,
Dave
Thanks again,
Dave
0
Hi Dave,
The big drawback here is that Firefox does not allow programmatic access to the clipboard with JavaScript. You can see the following Mozilla's article on the topic: Setting Prefs for the Mozilla Rich Text Editing Demo. It is almost impossible to not paste the content in some container rather than in another in Firefox.
You can try to implement the required functionality for Firefox yourself. If you succeed and send us a working solution for Firefox, we will gladly award you with 10000 Telerik points.
My suggestion is to strip the desired tags on the server.
Best regards,
Rumen
the Telerik team
Instantly find answers to your questions at the new Telerik Support Center
The big drawback here is that Firefox does not allow programmatic access to the clipboard with JavaScript. You can see the following Mozilla's article on the topic: Setting Prefs for the Mozilla Rich Text Editing Demo. It is almost impossible to not paste the content in some container rather than in another in Firefox.
You can try to implement the required functionality for Firefox yourself. If you succeed and send us a working solution for Firefox, we will gladly award you with 10000 Telerik points.
My suggestion is to strip the desired tags on the server.
Best regards,
Rumen
the Telerik team
Instantly find answers to your questions at the new Telerik Support Center
0
Dave Wolf
Top achievements
Rank 1
Iron
answered on 03 Jul 2008, 04:17 PM
Thats probably something I dont want to mess with, im going to go with the server side approach. Thanks for you help.