[Severity: minor] Fixed the target="_blank" vulnerability reported by James Gaskell.
Issue summary: If a victim had access to a spoofed version of ckeditor.com via HTTP (e.g. due to DNS spoofing, using a hacked public network or a malicious hotspot), then when using a link to the ckeditor.com website it was possible for the attacker to change the current URL of the opening page, even if the opening page was protected with SSL.
An upgrade is recommended.
- #14747: The Enhanced Image caption now supports the link
- #7154: Added support for the "Display Text" field to the Link dialog. Thanks to Ryan Guill!
- #13362: [Blink, WebKit] Fixed: Active widget element is not cached when it is losing focus and it is inside an editable element.
- #13755: [Edge] Fixed: Pasting images does not work.
- #13548: [IE] Fixed: Clicking the elements path disables Cut and Copy icons.
- #13812: Fixed: When aborting file upload the placeholder for image is left.
- #14659: [Blink] Fixed: Content scrolled to the top after closing the dialog in a
- #14825: [Edge] Fixed: Focusing the editor causes unwanted scrolling due to dropped support for the
- #10750: Fixed: The editor does not escape the font-style family property correctly, removing quotes and whitespace from font names.
- #14413: Fixed: The Auto Grow plugin with the config.autoGrow_onStartup option set to true does not work properly for an editor that is not visible.
- #14451: Fixed: Numeric element ID not escaped properly. Thanks to Jakub Chalupa!
- #14590: Fixed: Additional line break appearing after inline elements when switching modes. Thanks to dpidcock!
- #14539: Fixed: JAWS reads "selected Blank" instead of "selected " when selecting a widget.
- #14701: Fixed: More precise labels for Enhanced Image and Placeholder widgets.
- #14667: [IE] Fixed: Removing background color from selected text removes background color from the whole paragraph.
- #14252: [IE] Fixed: Styles drop-down list does not always reflect the current style of the text line.
- #14275: [IE9+] Fixed: onload events are not used in browsers where they could have been used when loading scripts dynamically.
- #10685: Fixed: Unreadable toolbar icons after updating to the new editor version.
- #14573: Fixed: Missing Widget drag handler CSS when there are multiple editor instances.
- #14620: Fixed: Setting both the min-height style for the <body> element and the height style for the <html> element breaks the Auto Grow plugin.
- #14538: Fixed: Keyboard focus goes into an embedded
- #14602: Fixed: The dom.element.removeAttribute() method does not remove all attributes if no parameter is given.
- #8679: Fixed: Better focus indication and ability to style the selected color in the color picker dialog.
- #11697: Fixed: Content is replaced ignoring the letter case setting in the Find and Replace dialog window.
- #13886: Fixed: Invalid handling of the CKEDITOR.style instance with the
- #14535: Fixed: CSS syntax corrections. Thanks to mdjdenormandie!
- #14312: [IE] Fixed: Artifact is visible after pasting any text.
- #12440: Added the config.colorButton_enableAutomatic option to allow hiding the "Automatic" option in the color picker.
- #14327: Added Swiss German localization.
- #13816: Introduced a new strategy for Filling Character handling to avoid changes in DOM. This fixes the following issues:
  - #12727: [Blink] IndexSizeError when using the Div Editing Area and Content Templates plugins.
  - #13377: Widget plugin issue when typing in Korean.
  - #13389: [Blink] editor.getData() fails when the cursor is next to an
  - #13513: [Blink, WebKit] Div Editing Area and editor.getData() throw an error when an image is the only data in the editor.
- #13884: Fixed: Copy/paste table in Firefox results in just first cell being pasted.
- #14234: Fixed: URL input field is not marked as required in the Embed dialog.