TinyMCE - setting or configuration to avoid sanitising source code

89 Views Asked by Mathew Stephen At 20 October 2024 at 05:57

I am using TinyMCE - 6.1.2 version. I would like to retain all the contents entered in TinyMCE as it is (especially while using 'Source Code' option).

Adding the below configuration helps in the majority of the scenarios.

verify_html : false,

But some values like action getting automatically stripped:

<input type='hidden' name='action' value=''>

is getting stripped to:

<input type="hidden" value="">

Original Q&A

There are 1 best solutions below

Mathew Stephen On 05 December 2022 at 04:48

This is a bug in TinyMCE and the same has been confirmed - TinyMCE removing 'action' word even after setting verify_html to false

Code Flow:

setContentString
- parse
  - parseAndSanitizeWithContext
    - DOMPurify.sanitize (iterate through each node)
      - _sanitizeElements (checks for specific condition and removes the node. There are no configuration to control this. Also element specific validation is done using the hook - uponSanitizeElement )
      - _sanitizeAttributes (similar to _sanitizeElements, but in this case attributes are removed)

If your element or node is getting removed, please debug the _sanitizeElements or _sanitizeAttributes functions respectively.

TinyMCE - setting or configuration to avoid sanitising source code

There are 1 best solutions below

Related Questions in TINYMCE

Related Questions in TINYMCE-6

Trending Questions

Popular # Hahtags

Popular Questions