I'm having an issue where, as far as I can tell, the ContentFilters aren't working. For my test content, I'm using:
<p onclick="alert('p-fired')">test text</p>
<script>
alert("fired");
</script>
My editor declaration looks like this:
<telerik:RadEditor runat="server" ID="reNewComment" ContentAreaMode="Div" StripFormattingOnPaste="MSWord,ConvertWordLists,Css"
Width="100%" ToolTip="New Comment" Height="300px" EnableResize="True" AllowScripts="False"
ContentFilters="StripDomEventAttributes,StripCssExpressions,RemoveScripts" EditModes="Design">
Now, my text is reaching the server as:
<p onclick="alert('p-fired')">test text</p>
<script>
alert("fired");
</script>
This is getting saved this way, and when the page is reloaded both events work. Am I declaring my content filters incorrectly? I figured they would strip out the script stuff client side, before reaching the server. Any help is appreciated, thanks.