If at least one "security filter" has been selected for a profile, then all of them are applied. Consequently, you can end up with really messed up content showing up in the editor after the AJAX call to "ckeditor/xss".

In our case, we have the Messaging module installed, which provides a filter to convert HTML to plain text. We have only the "HTML filter" filter enabled for one profile, but because of this bug, the filter from Messaging also gets applied and so the content for any CKEditor field gets stripped of all HTML formatting.

So far as I know, this is limited to the D6 codeline.

Files: 
CommentFileSizeAuthor
#1 0001-1491462-all-filters-applied.patch450 byteskevin.dutra

Comments

StatusFileSize
new450 bytes

Here is a patch to solve this.

Status:Active» Needs review

Status:Needs review» Fixed

@kevin.dutra, really thx for your patch and review. We lose this in one of the patches and i don't know why...

I commit it to GIT (diff)

You're welcome, and thank you for the quick turnaround on this. Do you have an idea of when you might release 6.x-1.11?

@kevin.dutra the next release will be as soon as possible. For now please use DEV version or your patch.

Cool, thanks!

Status:Fixed» Closed (fixed)