Commit Graph

8 Commits

Author SHA1 Message Date
Ralf Becker
cbd328eb55 htmlarea-widget in mode="ascii" looses or modifies content (<, >, <tag>) by calling html::purify on it, also fixed set_attrs to expand attribute values 2014-05-21 09:55:02 +00:00
Ralf Becker
38504680b7 setting CSP attributes needed by CKeditor now automatic when egw_ckeditor_config::get_ckeditor_config(_array) get called 2013-10-14 10:42:36 +00:00
Klaus Leithoff
2a61ac9264 allow to pass config/validation rules to current purifying engine (HTMLawed) 2013-10-10 09:30:25 +00:00
Ralf Becker
43e1bfcc12 switching on Content-Security-Policy: script-src 'self' 'unsafe-eval' for all templates, old non-et2 apps can call egw_framework::csp_script_src_attrs('unsafe-inline') to enable inline scripts in their scope, et2 does it for CK editor which does not support CSP currently and old etemplate does it for all apps using it 2013-10-05 13:33:28 +00:00
Nathan Gray
1f2ee8faf2 Add ckeditor as htmlarea widget 2012-06-06 04:13:19 +00:00
Ralf Becker
0d66dd98b7 fixed server-side valdation of autorepeated rows/columns
had to change signature of validate function to get information for autorepeating through
removed entity-encoding of square brackets, as they mess up validiation (havnt found any negative effects so far)
2012-05-03 14:17:47 +00:00
Ralf Becker
32ea28a59c fixed copy-n-paste typo 2011-08-21 13:45:55 +00:00
Ralf Becker
76d5a57b8c added validator for htmlarea, not yet tested, as it is not yet implemented on clientside 2011-08-21 13:01:10 +00:00