Matt

With v5, you can probably save a lot of hassle and just use the backticks to generate inline code. Either way, applications have a framework to add new editor functionality, including buttons. CleanShot 2024-05-21 at 10.29.11.mp4

This is not an easy task given apps can control part of the sidebar.

You probably need to go through a Facebook approval process that frankly very few have the energy for.

What do you need to embed, can you show us a screenshot? I'm not even sure the functionality even exists in TipTap, or any other editor. It's way too early to tell. We've not even released v5 yet, so making determinations about which method is better is premature.

How about adding a line before?

When you change that setting, it doesn't go back and update images uploaded before that date. Any images over your setting, should be resized and saved. Note that Gallery will always try and store the original image alongside the resized versions.

Our alpha testers who helped with feedback on this feature disagree. I don't agree that adding newlines before and after each box is a great idea. It'll lead to posts with extra whitespace if you forget to go back and remove them. Keep those reasons for using source mode coming. To re-iterate that we're not removing it because we've taken an Ivory Tower approach, it's just that it's not possible with modern editors (even CKEditor 5) due to how they see nodes/styles/marks. Also, it's 2024 - if you need to embed JS and custom iFrames into a post, then perhaps we can find a better solution. Pages will likely have more flexibility (although still no direct 'edit the source HTML of this editor').

It's always worth ensuring you cover the basics when doing a security review, and this includes: - Ensuring you are using the very latest version of Invision Community. We have a bug bounty program running where people can test the security of our platform and report weaknesses, this has led to several improvements over the years. Likewise, we also receive reports from security professionals who let us know about potential vulnerabilities, and these are fixed and new versions released in a very timely manner. We do tag releases with a security notice when applicable in our release notes. This is also communicated to your AdminCP. - Consider multi-factor authentication. If you have signed up for an online service, the chances are your email/username and password has been leaked. You can check with "Have I been pwned". Using multi-factor authentication means that even if someone had your username and password from another service and you re-use the same password across multiple platforms, then they could still not log in. I recommend that everyone does this for those with AdminCP access. - Always use a unique password for each site you sign up to. Use a password manager (built into iOS, or tools like 1Password) to keep track of them. Consider changing your password every few months. - Review those with AdminCP access and do not grant it lightly. If you can log into the AdminCP and edit themes and languages, you can add code that can execute any PHP command. It is largely why the AdminCP code has different session management, a different login form and a different URL. It is a very powerful tool. - Review your logs regularly, especially the admin log in logs and actions to ensure there is nothing remiss inside.

This is a fairly substantial claim, what evidence do you have to support this?

As above, source mode has been removed. Modern editors (all of them) manage markup differently. If you added something the editor couldn't handle via HTML, then it would just remove the unsupported code when you hit edit. Source mode was added back when we had BBCode and it was.. less than perfect in how it handled it, so it allowed admins to go in and edit it to fix it. Likewise, CKEditor was such a pain to write plugins for, it was easier to just say "oh, use source mode to add stuff". Tiptap is much easier to develop for. What do you use source mode for?

Source mode isn't possible in v5 due to how modern editors manage text. It's not like the old days where it markup was thrown around it and called it good. What do you need to do that requires source mode? With the new editor in v5 you can add new functionality (and button based styles) still. Why would anyone do that?

All the more reason to support Tiptap in my opinion. We have paid for a pro license and support. We can speak to their dev team in Slack, which has been very helpful. As Matt mentioned, we looked at Lexical but it's very early on in its development and we didn't want to build a castle on shifting sands. Tiptap is built on ProseMirror, which is a very well tested and robust project.

Really appreciate this, thank you Morrigan!

Yes. Custom emojis are still available. But only for you, no one else.

Not every function Tiptap supports will make it to our editor. It can do tables, but there's a lot of scaffold needed. We need UI to add/remove rows/columns etc. I'm sure it'll mature as 5.0 develops.

Thanks! It's all @Matt Finger's hard work. I'll let him answer these questions.

It's worth remembering that the same editor can be used for Pages.

Not always the case. I presume you mean for SEO purposes, but we've moved on a lot from the days where a two H1 tags would confuse the billion dollar AI driven company called Google. Google: "Our systems do not have a problem with multiple H1 tags"

Yes, it's still possible.

Hi David, I've just moved this topic into a ticket. Your personal uptime status doesn't seem to quite match with ours, so I want to investigate further. We did have 3m 50s of downtime early this morning for essential maintenance, but I can't see any record of 45 mins of downtime on the 8th.

As Marc said, we did have two separate pockets of about 10-15 minutes of degraded performance around 4:45pm (BST) and around 6:15pm (BST). There was a very short period where we cycled our caching layer that was not performing optimally and putting pressure on the database servers. I am not aware of any issues on the 21st.

It's to ensure lots of HTML and markup isn't sent along in the schema, which is primarily for search engines. It just confuses and takes up space that is better served getting content over.

ips4_oauth_authorize - session cookie (expires when tab closed or browser quit) ips4_clearAutosave - session cookie (expires when tab closed or browser quit) ips4_lastSearch - whatever the flood limit is (usually 30 seconds) ips4_noCache - 20 mins, or when tab is closed/browser quit ips4_guestTermsDismissed - session cookie (expires when tab closed or browser quit) ips4_language - session cookie (expires when tab closed or browser quit) ips4_cm_reg - session cookie (expires when tab closed or browser quit) ips4_location - session cookie (expires when tab closed or browser quit) ips4_currency - session cookie (expires when tab closed or browser quit) ips4_guestTransactionKey - 30 days ips4_forumpass_* - 7 days

Thanks for the feedback. We do have robust spam management in place because a trial account is a full account which costs us a not insignificant amount of money. The trial is just for you and you have the option to convert it to a full account at the end of the trial. I'll see if we can tweak things a little though.