Hello,

I would like that users can add video in the comments.

I disabled the tag in the file
wysiwyg_filter.inc and added: param [*]

It does not work, when I record the tag is removed. Could you help me please?

CommentFileSizeAuthor
#8 no_balcklist.diff394 bytesruloweb

Comments

markus_petrux’s picture

Category: task » feature
Status: Active » Closed (won't fix)

This HTML element is not supported because it would add more complexity to the parser. You have to use some kind of macro that is later expanded to EMBED + params, or you have to use a different input filter.

Clément’s picture

Thank you for your reply. It seems too complicated for my level.
I'll drop it :(

Greetings.
Clement

greg.harvey’s picture

Title: how to use the tag <param> ? » Allow embed, object and param
Status: Closed (won't fix) » Active

Hi,

Great module, and potentially very useful - however, this is a problem because it does not support the TinyMCE media button. Since the module is supposed to be targetted at TinyMCE users, I'm surprised this isn't on the schedule to be dealt with. I understand from your other posts that it's not easy to parse these elements, however Clement's response pretty much sums up why this is a problem...

It's quite common for people to want to allow users to embed media from, say, YouTube - using TinyMCE (what's the point of having a WYSIWYG and then making them use SWF Tools and tokens, for example?) Because this module doesn't currently support the media button of TinyMCE it turns off a lot of people.

Quick fix: make the blacklist editable in admin.
Long game: make the module work with this button.

Postpone it for a very long time, if you like, but dismissing it as something you'll never do removes even the chance someone else might post a patch for it! =/

What do you say? Keep this open as a distantly regarded feature request? Pretty please?? =)

markus_petrux’s picture

Status: Active » Closed (won't fix)

IMO, this issue could be solved using a method to include media content in the post that does not use markup. For example, using a Drupal filter that implements a macro. Then, such a filter can be added to the input format after the WYSIWYG Filter. That's the easiest method to control what can or cannot be done.

There are other modules in Drupal that are similar to WYSIWYG Filter. For example HTML Purifier or htmLawed.

I would only keep this issue alive, if someone is going to work on a solution. I'm actually fine with current situation, because we deal with this kind of limitations using custom macros.

greg.harvey’s picture

Ok, are there any docs for this? I'm not sure what you mean by 'custom macros'? Sorry, I'm sure it's straightforward enough, but I just haven't seen this terminology before.

markus_petrux’s picture

I was thinking in something like Filter Macros. If that does not cover your particular needs, you may need to find another input filter, or code your own.

Using this technique there's no need to allow potentially harmful markup directly, because that's difficult to validate in a way that is able to cover "any need", but also able to protect from bad use.

szantog’s picture

ruloweb’s picture

StatusFileSize
new394 bytes

Hi all!

I really need to allow iframes and objects. Change to another module in this current project is not so easy, so I've created a patch that take off the blacklisted tags :P

WARNING! it's not the best way, but I decided to pubish this because there may be someone else in the same situation than me.

Thanks!

Sarenc’s picture

You could always use something like embedded media field's eminline filter to convert videos from simple URLs to full embed code. Then just order eminline after wysiwyg in the input format. Perhaps you can then edit TinyMCE's button to work with eminline by simply adding the URL instead of all the embed code?

minnur’s picture

At least please add it to variable so it's editable without altering validation forms etc..

This function :

/**
 * Get HTML elements blacklist.
 */
function wysiwyg_filter_get_elements_blacklist() {
  return array(
    'applet',
    'area',
    'base',
    'basefont',
    'body',
    'button',
    'embed',
    'form',
    'frame',
    'frameset',
    'head',
    'html',
    'iframe',
    'input',
    'isindex',
    'label',
    'link',
    'map',
    'meta',
    'noframes',
    'noscript',
    'object',
    'optgroup',
    'option',
    'param',
    'script',
    'select',
    'style',
    'textarea',
    'title',
  );
}

TO THIS:

/**
 * Get HTML elements blacklist.
 */
function wysiwyg_filter_get_elements_blacklist() {
  $defaults = array(
    'applet',
    'area',
    'base',
    'basefont',
    'body',
    'button',
    'embed',
    'form',
    'frame',
    'frameset',
    'head',
    'html',
    'iframe',
    'input',
    'isindex',
    'label',
    'link',
    'map',
    'meta',
    'noframes',
    'noscript',
    'object',
    'optgroup',
    'option',
    'param',
    'script',
    'select',
    'style',
    'textarea',
    'title',
  );
return variable_get('wysiwyg_filter_elements_blacklist', $defaults);
}
azinck’s picture

gisle’s picture