You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When importing richtext content into a CKEditor field, the class and style attributes are not purified during the import process. These attributes are only removed after editing and saving the field in the Control Panel (CP).
Steps to reproduce
Import richtext content with class and style attributes into a CKEditor field.
Check the imported field for the presence of class and style attributes.
The attributes are still present.
Edit the field, change some content in the CP, and save the changes.
The class and style attributes are now removed.
Additional info
Craft version: Craft Pro 5.3.4
PHP version: 8.2.21
Plugins & versions: CKEditor 4.2.0, FeedMe 6.3.0
The text was updated successfully, but these errors were encountered:
The content is purified on upload. What will be allowed and stripped out depends on your HTML Purifier config. You choose the config in your CKEditor field settings under Advanced > HTML Purifier Config. The files listed on that list are located here: config/htmlpurifier/.
For example, if I were to disallow certain classes by adding "Attr.ForbiddenClasses": ["bad"] to the HTML Purifier config and import the following content:
That said, I think I know what you’re referring to here, but I wanted to clarify that this is unrelated to the HTML Purifier.
When you import data into a CKEditor field via Feed Me, the classes are not stripped out (providing they’re allowed by the HTML PUrifier). You can see them if you view the field’s value directly in the database. If you edit the imported element (e.g. entry) and view the content of the CKEditor field in the control panel, those classes aren’t there. If you then save that element, they are removed from the database, too. It’s the native CKEditor’s code that strips those attributes when you view the content (taking into account your CKEditor Config > Config Options), and that change is then saved in the database. The reason you can see those attributes in the database after the import is that CKEditor itself is not initialised when importing data via Feed Me.
I hope this helps clear things up.
I’ll close this now, but feel free to reach out if you have any further questions.
Description
When importing richtext content into a CKEditor field, the class and style attributes are not purified during the import process. These attributes are only removed after editing and saving the field in the Control Panel (CP).
Steps to reproduce
Additional info
The text was updated successfully, but these errors were encountered: