Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
I've disabled all filters in FCKeditor settings.
But FCKeditor keeps altering original content when I save then edit then save again and so on.
I just want FCKeditor to use the content of the textarea as is, without filtering it.
Comments
Comment #1
anrikun CreditAttribution: anrikun commentedAJAX callback - XSS filter should not be called if no security filter is selected
Comment #2
wwalc CreditAttribution: wwalc commentedYup, it sounds reasonable, if someone disabled all of them why execute the default filter at all?
Comment #3
derekwebb1 CreditAttribution: derekwebb1 commentedYep this is certainly a problem. I am seeing this as well. It is driving the people nuts.
I see that you have a variable "xss_check" that is used to determine if filtering is needed. I have not been able to locate where this is set so far. I really want it to stop filtering if I say "Don't filter!"
Outside of this error it is a pretty nice module.
Derek
PS: Why does the previous post suggest that this problem was fixed? It is not.
Comment #4
anrikun CreditAttribution: anrikun commentedA dirty fix is to change this function in fckeditor.module:
Comment #5
derekwebb1 CreditAttribution: derekwebb1 commentedYeah. I have a very dirty fix too. Basically I set the xss_check variable to 0 (as in Zero or false) right before they are used in the fckeditor.config.js file.
This is really odd too. I don't remember having this happen earlier.
Hope this helps, and thanks hmfireball!
Derek
Comment #6
wwalc CreditAttribution: wwalc commentedThe status was already set to fix, my fault I that didn't wrote that I have already fixed it in CVS :)
Could you please download the latest dev release and let me know whether it works as expected?
btw. here's the diff (please, use the whole new module instead of applying it manually):
http://cvs.drupal.org/viewvc.py/drupal/contributions/modules/fckeditor/f...
Comment #7
anrikun CreditAttribution: anrikun commentedShould we download the last 6.x-2.x-dev version?
Comment #8
wwalc CreditAttribution: wwalc commented6.x-2.x-dev if you have used 6.x-2.0-alpha5
6.x-1.x-dev if you have used 6.x-1.3-rc7
5.x-2.x-dev if you have used 5.x-2.2-rc7
Comment #9
wwalc CreditAttribution: wwalc commented...and if you have used 6.x-2.x-dev, then use the latest 6.x-2.x-dev (2009-Feb-17)
Comment #10
anrikun CreditAttribution: anrikun commentedSorry, it still doesn't work.
Applying the "fix" above, it works again.
Comment #11
wwalc CreditAttribution: wwalc commentedAhh correct, sorry for providing the wrong code to test :/
There is a slight difference between how FCKeditor profile is saved in 6--1 and 6--2. I have simply copied the code that worked in 6--1, but it turned out that was a bad idea.
Could you download the latest version of fckeditor.modue for 6--2 here:
http://cvs.drupal.org/viewvc.py/drupal/contributions/modules/fckeditor/f...
(in short, in 6--2 we have an information about all filters in $_fckeditor_configuration[$textarea_id]['filters'], regardless of whether they are disabled or not, so additional checks are necessary to see if they are actually enabled (whether the value is 0 or 1))
Comment #12
anrikun CreditAttribution: anrikun commentedIt seems that it works now. Thank you very much :-)
Instead of unchecking security filters in settings,
It would be nice to check a new radio button below:
Security settings :
Always run security filters for FCKeditor.
Run security filters only when FCKeditor is set to start automatically.
Never run security filters for FCKeditor.