Jump to content

Allowing specific HTML tags.

Featured Replies

Posted

I added a plugin to my CKEditor that would allow users to embed a HTML5 video into their post using the <video> and <source> tags.

The editor, the generated html, and the final result looks fine because I'm an admin and I can post raw html but for normal users only the link appears.

f2a5f5790df7da34241d66d8c977a8d2.png

 

How can I allow normal users to post these video/source tags without granting them access to add any html they want?

Thanks,

JC

  • Author

Found the solution to my own question. Gonna write it all out here so I can find it later.

First off I ditched my CkEditor plugin and used the IPB Add Button Feature for this project.

4180d2e096c3b6c25ea14b1915178ab7.png

 

That provided a similar result. I was able to post videos as an admin but noone else could.  I finally concluded that it was the HTMLPurifier library that was blocking the video and source tags, so I removed it.  (jk jk)

Instead I found the /System/Text/Parser.php file where all of the allowed html tags are defined.  Under this line:

        $def->addAttribute( 'iframe', 'data-munge-src', 'Text' );

I added

		$def->addElement('video', 'Block', 'Optional: (source, Flow) | (Flow, source) | Flow', 'Common', array(
      			'src' => 'URI',
      			'type' => 'Text',
      			'width' => 'Length',
      			'height' => 'Length',
      			'poster' => 'URI',
      			'preload' => 'Enum#auto,metadata,none',
      			'controls' => 'Bool',
    		));
    		$def->addElement('source', 'Block', 'Flow', 'Common', array(
      			'src' => 'URI',
      			'type' => 'Text',
    		));

 

and now everything is working as intended without giving all my users the ability to write any html code they want.

That could be big-time useful! Thanks for taking the time to share it ^_^

Archived

This topic is now archived and is closed to further replies.

Recently Browsing 0

  • No registered users viewing this page.