>
> I''ve been using your TinyMCE plug-in for Rails very happily for a
while
> now. I''ve run into one problem that I just can''t seem to
solve and I''m
> slowly going bats.
So much for proof reading, was originally going to send this to Blake
directly, but figured I''d ask the group first before bugging anyone.
At any
rate I''m using Blake''s great plugin for using TinyMCE found on
the wiki
here:
http://wiki.rubyonrails.org/rails/pages/HowToUseTinyMCE
Sorry about that, must not have had enough caffeine today!
On 3/12/07, Joe Cairns
<joe.cairns-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
wrote:>
> Hi,
>
> I''ve been using your TinyMCE plug-in for Rails very happily for a
while
> now. I''ve run into one problem that I just can''t seem to
solve and I''m
> slowly going bats.
>
> I want to allow users to paste in html forms into the TinyMCE editor. I
> realize the form tags are cleaned out prior to save in order to prevent XSS
> attacks, but after a lot of looking I found that TinyMCE will allow you to
> override what gets scrubbed out.
>
> So I changed the default code for the controller (provided by the wiki
> example) from:
>
> uses_tiny_mce(:options => {:theme => ''advanced'',
> :browsers => %w{msie gecko},
>
> :theme_advanced_toolbar_location =>
"top",
> :theme_advanced_toolbar_align =>
"left",
> :theme_advanced_resizing => true,
>
> :theme_advanced_resize_horizontal => false,
> :paste_auto_cleanup_on_paste => true,
> :theme_advanced_buttons1 => %w{formatselect
fontselect fontsizeselect bold italic underline strikethrough separator
justifyleft justifycenter justifyright indent outdent separator bullist numlist
forecolor backcolor separator link unlink image undo redo},
>
> :theme_advanced_buttons2 => [],
> :theme_advanced_buttons3 => [],
> :plugins => %w{contextmenu paste}},
> :only => [:new, :edit, :show, :index])
>
>
> To:
>
> uses_tiny_mce(:options => {:theme => ''advanced'',
> :browsers => %w{msie gecko},
> :extended_valid_elements =>
"form[name|id|action|method|enctype|accept-charset|onsubmit|onreset|target],input[alt|border|id|name|type|value|size|maxlength|checked|accept|src|width|height|disabled|readonly|tabindex|accesskey|onfocus|onblur|onchange|onselect],textarea[id|name|rows|cols|disabled|readonly|tabindex|accesskey|onfocus|onblur|onchange|onselect],option[name|id|value],select[id|name|type|value|size|maxlength|checked|accept|src|width|height|disabled|readonly|tabindex|accesskey|onfocus|onblur|onchange|onselect|length|options|selectedIndex]",
>
> :theme_advanced_toolbar_location =>
"top",
> :theme_advanced_toolbar_align =>
"left",
> :theme_advanced_resizing => true,
>
> :theme_advanced_resize_horizontal => false,
> :paste_auto_cleanup_on_paste => false,
> :theme_advanced_buttons1 => %w{formatselect
fontselect fontsizeselect bold italic underline strikethrough separator
justifyleft justifycenter justifyright indent outdent separator bullist numlist
forecolor backcolor separator link unlink image undo redo},
>
> :theme_advanced_buttons2 => [],
> :theme_advanced_buttons3 => [],
> :plugins => %w{contextmenu paste}},
> :only => [:new, :edit, :show, :index])
>
>
> Unfortunately, that''s not doing what is expected. In fact,
it''s not doing
> anything at all. In desperation I went to the public/tiny_mce.js
directory
> and edited the extended_valid_elements attribute directly, but that had the
> same result.... no change.
>
> Anyone have any insights?
>
> Joe
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Ruby on Rails: Talk" group.
To post to this group, send email to
rubyonrails-talk-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
To unsubscribe from this group, send email to
rubyonrails-talk-unsubscribe-/JYPxA39Uh5TLH3MbocFFw@public.gmane.org
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en
-~----------~----~----~----~------~----~------~--~---