[英]How can I prevent TinyMCE from adding CDATA to <script> tags and from commenting out <style> tags?
Let's put aside the issues of allowing <script>
content inside a Web editor; 让我们把在Web编辑器中允许<script>
内容的问题放在一边; I'm perfectly aware of them. 我完全了解他们。
What I want is to allow <style>
and <script>
elements inside the text content, the issue is that, whenever I do this, TinyMCE changes them to: 我想要的是在文本内容中允许<style>
和<script>
元素,问题是,每当我这样做时,TinyMCE会将它们更改为:
<style><!-- th{width:80px} --></style>
and the script content is changed to: 并且脚本内容更改为:
<script>// <![CDATA[
$.address.unbind();
// ]]></script>
On my TinyMCE init configuration, I have: 在我的TinyMCE init配置中,我有:
valid_elements : "*[*]",
extended_valid_elements : "*[*],script[charset|defer|language|src|type],style",
custom_elements: "*[*],script[charset|defer|language|src|type],style",
valid_children : "+body[style],+body[script]",
verify_html : false,
media_strict: false
But I can't seem to find a way to prevent TinyMCE from disabling the <style>
and <script>
elements. 但我似乎找不到阻止TinyMCE 禁用 <style>
和<script>
元素的方法。
I would recommend avoiding any direct customization to third party libraries if it can be avoided. 如果可以避免,我建议避免对第三方库进行任何直接定制。 Instead I added a custom node filter to the editors serializer during initialization by adding the following to the config object passed into the tinymce construction call: 相反,我在初始化期间向编辑器序列化程序添加了一个自定义节点过滤器,方法是将以下内容添加到传递给tinymce构造调用的config对象中:
init_instance_callback : function(editor) {
// jw: this code is heavily borrowed from tinymce.jquery.js:12231 but modified so that it will
// just remove the escaping and not add it back.
editor.serializer.addNodeFilter('script,style', function(nodes, name) {
var i = nodes.length, node, value, type;
function trim(value) {
/*jshint maxlen:255 */
/*eslint max-len:0 */
return value.replace(/(<!--\[CDATA\[|\]\]-->)/g, '\n')
.replace(/^[\r\n]*|[\r\n]*$/g, '')
.replace(/^\s*((<!--)?(\s*\/\/)?\s*<!\[CDATA\[|(<!--\s*)?\/\*\s*<!\[CDATA\[\s*\*\/|(\/\/)?\s*<!--|\/\*\s*<!--\s*\*\/)\s*[\r\n]*/gi, '')
.replace(/\s*(\/\*\s*\]\]>\s*\*\/(-->)?|\s*\/\/\s*\]\]>(-->)?|\/\/\s*(-->)?|\]\]>|\/\*\s*-->\s*\*\/|\s*-->\s*)\s*$/g, '');
}
while (i--) {
node = nodes[i];
value = node.firstChild ? node.firstChild.value : '';
if (value.length > 0) {
node.firstChild.value = trim(value);
}
}
});
}
Hopefully this will help others stuck in the same boat. 希望这将有助于其他人陷入同一条船。
You can try altering the tinymce.min.js 您可以尝试更改tinymce.min.js
,f.addNodeFilter("script,style",function(e,t){function n(e){return e.replace(/(<!--\[CDATA\[|\]\]-->)/g,"\n").replace(/^[\r\n]*|[\r\n]*$/g,"").replace(/^\s*((<!--)?(\s*\/\/)?\s*<!\[CDATA\[|(<!--\s*)?\/\*\s*<!\[CDATA\[\s*\*\/|(\/\/)?\s*<!--|\/\*\s*<!--\s*\*\/)\s*[\r\n]*/gi,"").replace(/\s*(\/\*\s*\]\]>\s*\*\/(-->)?|\s*\/\/\s*\]\]>(-->)?|\/\/\s*(-->)?|\]\]>|\/\*\s*-->\s*\*\/|\s*-->\s*)\s*$/g,"")}for(var r=e.length,i,o,a;r--;)i=e[r],o=i.firstChild?i.firstChild.value:"","script"===t?(a=i.attr("type"),a&&i.attr("type","mce-no/type"==a?null:a.replace(/^mce\-/,"")),o.length>0&&(i.firstChild.value="// <![CDATA[\n"+n(o)+"\n// ]]>")):o.length>0&&(i.firstChild.value="<!--\n"+n(o)+"\n-->")}),f.addNodeFilter("#comment",function(e){for(var t=e.length,n;t--;)n=e[t],0===n.value.indexOf("[CDATA[")?(n.name="#cdata",n.type=4,n.value=n.value.replace(/^\[CDATA\[|\]\]$/g,"")):0===n.value.indexOf("mce:protected ")&&(n.name="#text",n.type=3,n.raw=!0,n.value=unescape(n.value).substr(14))})
Please, find and remove the above line of code from the file. 请从文件中查找并删除上面的代码行。
when you store tinymce content, simply remove these tags from output similar like this: 当你存储tinymce内容时,只需从输出中删除这些标记,如下所示:
$tinyOutput = str_replace(array("// <![CDATA[", "// ]]>"), array("", ""), $_POST['tinyOutput']);
..then save to db.. ..然后保存到数据库..
For me it worked to remove the following code for disabling script tag formating: 对我来说,它删除了以下用于禁用脚本标记格式化的代码:
,o.length>0&&(i.firstChild.value="// <![CDATA[\n"+n(o)+"\n// ]]>")
And for formating on style tag, you should remove: 要在样式标记上进行格式化,您应该删除:
&&(i.firstChild.value="<!--\n"+n(o)+"\n-->")
You can try using <
您可以尝试使用<
in place of <
for the style and script tags. 代替<
用于样式和脚本标记。 That way tinymce will not recognize style and script tags. 这样,tinymce将无法识别样式和脚本标签。
For example: 例如:
For style: 对于风格:
<style>th{width:80px}</style>
For script: 对于脚本:
<script>
$.address.unbind();
</script>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.