[Vtigercrm-developers] Avoid HTML purify in ckeditor

Matteo Baranzoni info at greenbitweb.com
Fri Oct 28 08:24:37 GMT 2016


i think that disable it was not better solution for security reasons, IMHO
you must investigate issue and change htmlpurifier config for fix it.

2016-10-28 10:01 GMT+02:00 socialboostdk <socialboostdk at gmail.com>:

> Excellent thanks - the quickest way i otherwise found was to completely
> disable it :)
>
> VT-team: Could you not include it as setting for VT7?
>
> On 28 October 2016 at 09:54, Simone Travaglini <simonetravaglini at gmail.com
> > wrote:
>
>> Hi,
>> after several test we found that only way to avoid HTML purify in
>> ckeditor is to change core file of Vtiger. Also if we set not to purify
>> code in ckeditor during saving is changed.
>>
>> The change to achieve the resutl is:
>>
>> include/utils/Vtlibutils.php
>>
>> Row 610
>>
>> - function vtlib_purify($input, $ignore=false) {
>> + function vtlib_purify($input, $ignore=true) {
>>
>> My question to vtiger team are:
>> - there is other way to achieve this result  without change core file?
>> - what impact have this change?
>>
>> --
>> Simone Travaglini
>> 328 5499846
>> Linkedin: Simone Travaglini
>>
>>
>> Rispetta l'ambiente: non stampare questa mail se non ti è veramente
>> necessario!
>>
>> _______________________________________________
>> http://www.vtiger.com/
>>
>
>
> _______________________________________________
> http://www.vtiger.com/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.vtigercrm.com/pipermail/vtigercrm-developers/attachments/20161028/775b367e/attachment.html>


More information about the vtigercrm-developers mailing list