Not all html tags pass on to the controller?

11 views
Skip to first unread message

IggaR

unread,
Mar 12, 2010, 2:18:38 AM3/12/10
to tinymce_hammer
Hey,

First I'd like to say I'm very happy with how easy tinymce (hammer)
was installed into my application.
I was pleased to see that all the options I needed were available,
however I'm facing one problem.
Not all the tags seem to be saved?

By the time I get to my controller, the string from my tinymce box
strips down some tags (eg font family,tables, etc)
I need a rich text editor because I get html transfered from my
database to my website, where it can be edited and saved again.

What I have is this:

view:
[code]
<%- form_for :trainee, trainee, :url=>{:controller =>
'trainee_evaluation', :action => 'save'} do |f| %>
<%= f.hidden_field :id %>
<%= f.tinymce :evaluation %>
<%= submit_tag "Opslaan" %>
<% end %>
[/code]

controller:
[code]
...
tr.evaluation = params[:trainee][:evaluation]
...
[/code]

Could someone help me with this issue?
Thanks!

trevorrowe

unread,
Mar 16, 2010, 12:02:33 PM3/16/10
to tinymce_hammer
Sorry for the slow reply.

The default configuration provided by tinymce_hammer is a bit
restrictive. It sets the valid_elements TinyMCE configuration option
to:

"a[href|
title],blockquote[cite],br,caption,cite,code,dl,dt,dd,em,i,img[src|alt|
title|width|height|align],li,ol,p,pre,q[cite],small,strike,strong/
b,sub,sup,u,ul"

Basically that is a white list filter of tags that the tinymce editor
allows to pass through. Just remove that option or modify it. There
is also a blacklist option (I believe) in tinymce:

http://wiki.moxiecode.com/index.php/TinyMCE:Configuration/invalid_elements

You should be able to make TinyMCE do what you want between those
options.

trevorrowe

unread,
Mar 16, 2010, 12:09:29 PM3/16/10
to tinymce_hammer
Somehow my reply looks like it got lost, I'll reply again, sorry if
this is a repost.

tinymce_hammer's default configuration sets the valid_elements
option. You can remove this option to let any html pass-through or
you can set the invalid_elements option. These white/black lists are
pretty flexible, but can easily be bypassed by the end user, so they
can't be trusted. I recommend you filter html server-side if you
can't trust the editor user.

http://wiki.moxiecode.com/index.php/TinyMCE:Configuration/valid_elements
http://wiki.moxiecode.com/index.php/TinyMCE:Configuration/invalid_elements

On Mar 12, 12:18 am, IggaR <ign...@d-n.be> wrote:

Reply all
Reply to author
Forward
0 new messages