Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Sanitize Content Handler #1077

Open
wants to merge 4 commits into
base: dev
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from 3 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions build/ctct-sanitize-content-handler-changelog.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
- **ENHANCEMENT**: Sanitize Content Handler
Adds the ability to configure and run the Sanitize Content Handler by editable element
tag name, in addition to element ID and class attributes. Refactored the Sanitize Content
Handler initialization and setup to cache Sanitizers per config. Also, cleanup up
relevant section in plugin_contenthandler guide page to match released implementation and
this enhancement.
23 changes: 19 additions & 4 deletions doc/guides/source/plugin_contenthandler.textile
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@ There are some Content Handler available:
* Word
* oEmbed
* Sanitize
* Style Attribute

Plugins also provide Content Handler:
* Block +common/block+ plugin
Expand Down Expand Up @@ -88,12 +89,12 @@ h4. Writing your own Content Handler
['aloha', 'jquery', 'aloha/contenthandlermanager'],
function(Aloha, jQuery, ContentHandlerManager) {
"use strict";

var MyContentHandler = ContentHandlerManager.createHandler({
handleContent: function( content ) {

// do something with the content

return content; // return as HTML text not jQuery/DOM object
}
});
Expand Down Expand Up @@ -123,6 +124,7 @@ The Contenthandler Plugin has no user interface and is used in conjunction with
* word
* generic
* sanitize
* style attribute

h4. Word Content Handler

Expand Down Expand Up @@ -164,7 +166,7 @@ WARNING: The Sanitize Content Handler does not work reliably on IE7, and will th
The Sanitize Content Handler will remove all dom elements and attributes not covered by it's configuration. You may specify your own configuration based on these default settings:

<javascript>
Aloha.settings.contentHandler.sanitize = {
Aloha.settings.contentHandler.allows = {
// elements allowed in the content
elements: [
'a', 'abbr', 'b', 'blockquote', 'br', 'cite', 'code', 'dd', 'del', 'dl', 'dt', 'em',
Expand All @@ -184,4 +186,17 @@ Aloha.settings.contentHandler.sanitize = {
'q' : {'cite': ['http', 'https', '__relative__']}
}
}

// OR

Aloha.settings.contentHandler.sanitize = 'relaxed'; // 'basic'|'restricted'|'relaxed'

// OR

Aloha.settings.contentHandler.sanitize = {
'#myId': { elements: [...], attributes: {...}, protocols;{...} },
'.myclass': { elements: [...], attributes: {...}, protocols;{...} },,
'p': { elements: [...], attributes: {...}, protocols;{...} },
'div': { elements: [...], attributes: {...}, protocols;{...} }
}
</javascript>
Loading