Opened 8 years ago

Closed 5 years ago

#7927 closed Bug (fixed)

bbcode and js event problem

Reported by: zleaf Owned by:
Priority: Normal Milestone:
Component: General Version: 3.6
Keywords: Cc:

Description (last modified by Jakub Ś)

for example: after paste a image in ckeditor in bbcode mode, (the image is like :

<img src="http://cksource.com/forums/images/smilies/icon_e_biggrin.gif" onclick="alert('abc')">

), then click the View Source button, error occur...

here's my way to fix this problem, hoping the official way

      function purge(d){
         var a=d.attributes,i,l,n;
         if(a){
            l=a.length;
            for(i=0;i<l;i+=1){
               n=a[i].name;
               if(typeof d[n]==='function'){
                  d[n]=null;
               }
            }
         }
         a=d.childNodes;
         if(a){
            l=a.length;
            for(i=0;i<l;i+=1){
               purge(d.childNodes[i]);
            }
         }
      }
      editor.on( 'insertHtml', function(data){
         var t=document.createElement('div');
         document.body.appendChild(t);
         t.innerHTML = data.data;
         purge(t);
         data.data = t.innerHTML;
         document.body.removeChild(t);
      });

Change History (6)

comment:1 Changed 8 years ago by Jakub Ś

Description: modified (diff)

comment:2 Changed 8 years ago by Jakub Ś

Status: newpending

I'm a little confused here because I could not reproduce the issue (nor win nor linux). I have tried to paste the following code and switch mode but sisn't get any errors.

Could you:

  1. Tell me what Operating System are you using.
  2. Tell me what browser are you using
  3. Provide me with a step by step Test Case so that I could easily reproduce the issue

Waiting for your comments.

comment:3 Changed 8 years ago by Jakub Ś

Keywords: bbcode removed

comment:4 in reply to:  2 Changed 8 years ago by zleaf

Replying to j.swiderski:

I'm a little confused here because I could not reproduce the issue (nor win nor linux). I have tried to paste the following code and switch mode but sisn't get any errors.

Could you:

  1. Tell me what Operating System are you using.
  2. Tell me what browser are you using
  3. Provide me with a step by step Test Case so that I could easily reproduce the issue

Waiting for your comments.

Sorry I'm so late to reply. I checked my code and I found that I didn't describe the problem correctly, here're my steps in php:

1 the php code is like:

$CKEditor = new CKEditor();
....
...
..
$CKEditor->config['html'] = $Content;
....
...
..
$CKEditor->addGlobalEventHandler('instanceReady', "function( ev ){
	var editor=ev.editor;
	editor.insertHtml(editor.config.html);
}");
....
...
..
$CKEditor->editor("Content","");

2 $Content is like

<IMG onclick="if(this.width>=100)alert('aaa');" border=0 src="http://dev.ckeditor.com/chrome/site/logo-ckeditor-dev.png">

3 When switching mode we'll see the js error( not just in bbcode mode), I thought it's because of the '>' in '>=100'.

My browser is IE7 in WinXP

Last edited 8 years ago by zleaf (previous) (diff)

comment:5 Changed 8 years ago by Jakub Ś

Status: pendingconfirmed

First of all there should be slashes used with 'aaa'-> \'aaa\'

<IMG onclick="if(this.width>=100)alert(\'aaa\');" border=0 src="http://dev.ckeditor.com/chrome/site/logo-ckeditor-dev.png"/>

Second I don't see problems in any sample except bbcode.

TC:

  1. Paste the following code to your config.js
    CKEDITOR.on('instanceReady', function( ev ){
    	CKEDITOR.config['html'] = '<IMG onclick="if(this.width>=100)alert(\'aaa\');" border=0 src="http://dev.ckeditor.com/chrome/site/logo-ckeditor-dev.png"/>';
    	var editor=ev.editor;
    	editor.insertHtml(editor.config.html);
    });
    
  2. Open bbcode sample
  3. Switch to source mode

Result: JS error occurs
Message: „text is undefined”
Line: 167
URI: /_source/plugins/entities/plugin.js

The cause of the problem is -> onclick="if(this.width>=100)alert(\'aaa\');"

Reproducible in all browsers from CKEditor 3.6 rev [6904]

comment:6 Changed 5 years ago by Jakub Ś

Resolution: fixed
Status: confirmedclosed

This issue seems to be fixed in CKEditor 4.x.

Note: See TracTickets for help on using tickets.
© 2003 – 2019 CKSource – Frederico Knabben. All rights reserved. | Terms of use | Privacy policy