我已经阅读了官方文档和博客文章和SO几个小时,某些地方答案将已经发布..但没有运气.
似乎没有任何配置的摆弄.阻止tinymce从我的输入/提交<p>元素上剥离内联'style'属性.我需要所有输入元素的'style'属性..但我刚开始测试<p>甚至让它工作.
这是我配置的最新版本.(出于许多变化/尝试):
tinyMCE.init({
mode : "textareas",
theme : "advanced",
plugins : "emotions,spellchecker,advhr,insertdatetime,preview,paste,table,media,directionality,style,xhtmlxtras,nonbreaking,pagebreak",
theme_advanced_buttons1 : "save,newdocument,|,bold,italic,underline,strikethrough,|,justifyleft,justifycenter,justifyright,justifyfull,formatselect,fontselect,fontsizeselect",
theme_advanced_buttons2 : "cut,copy,paste,pastetext,pasteword,|,bullist,numlist,|,outdent,indent,blockquote,|,undo,redo,|,link,unlink,anchor,image,cleanup,help,code,|,insertdate,inserttime,preview,|,forecolor,backcolor",
theme_advanced_buttons3 : "tablecontrols,|,hr,removeformat,visualaid,|,sub,sup,|,charmap,emotions,iespell,media,advhr,|,ltr,rtl",
theme_advanced_buttons4 : "styleprops,|,cite,abbr,acronym,del,ins,attribs,|,nonbreaking,pagebreak",
theme_advanced_toolbar_location : "top",
theme_advanced_toolbar_align : "left",
theme_advanced_statusbar_location : "bottom",
theme_advanced_resizing : true,
doctype : "<!DOCTYPE html>",
convert_urls : false,
//template_external_list_url : "gen4tinymce/lists/template_list.js",
external_link_list_url : "gen4tinymce/lists/link_list.js",
//media_external_list_url : "gen4tinymce/lists/media_list.js",
valid_elements : "@[id|class|style|title|dir<ltr?rtl|lang|xml::lang],"
+ "a[rel|rev|charset|hreflang|tabindex|accesskey|type|"
+ "name|href|target|title|class],strong/b,em/i,strike,u,"
+ "#p[style],-ol[type|compact],-ul[type|compact],-li,br,img[longdesc|usemap|"
+ "src|border|alt=|title|hspace|vspace|width|height|align],-sub,-sup,"
+ "-blockquote,-table[border=0|cellspacing|cellpadding|width|frame|rules|"
+ "height|align|summary|bgcolor|background|bordercolor],-tr[rowspan|width|"
+ "height|align|valign|bgcolor|background|bordercolor],tbody,thead,tfoot,"
+ "#td[colspan|rowspan|width|height|align|valign|bgcolor|background|bordercolor"
+ "|scope],#th[colspan|rowspan|width|height|align|valign|scope],caption,-div,"
+ "-span,-code,-pre,address,-h1,-h2,-h3,-h4,-h5,-h6,hr[size|noshade],-font[face"
+ "|size|color],dd,dl,dt,cite,abbr,acronym,del[datetime|cite],ins[datetime|cite],"
+ "object[classid|width|height|codebase|*],param[name|value|_value],embed[type|width"
+ "|height|src|*],map[name],area[shape|coords|href|alt|target],bdo,"
+ "button,col[align|char|charoff|span|valign|width],colgroup[align|char|charoff|span|"
+ "valign|width],dfn,fieldset,form[action|accept|accept-charset|enctype|method],"
+ "input[accept|alt|checked|disabled|maxlength|name|readonly|size|src|type|value],"
+ "kbd,label[for],legend,noscript,optgroup[label|disabled],option[disabled|label|selected|value],"
+ "q[cite],samp,select[disabled|multiple|name|size],small,"
+ "textarea[cols|rows|disabled|name|readonly],tt,var,big",
extended_valid_elements : "p[style]",
inline_styles : true,
verify_html : false
});
谢谢你的任何建议!
gov*_*nda 13
正如Thariama指出的那样,毫无瑕疵......但是我不知道所有CodeIgniter $config['global_xss_filtering'] = TRUE;都在做什么.如果您发现自己遇到同样的问题,请按照以下方式解决问题.请看这里:
Codeigniter - 基于帖子禁用XSS过滤.
| 归档时间: |
|
| 查看次数: |
18763 次 |
| 最近记录: |