CKEditor 4.9.2

Security Updates:

  • Fixed XSS vulnerability in the Enhanced Image (image2) plugin reported by Kyaw Min Thein.

    Issue summary: It was possible to execute XSS inside CKEditor using the <img> tag and specially crafted HTML. Please note that the default presets (Basic/Standard/Full) do not include this plugin, so you are only at risk if you made a custom build and enabled this plugin.

CKEditor 4.9.1

Fixed Issues:

CKEditor 4.9.0

New Features:

  • #932: Introduced Easy Image feature for inserting images that are automatically rescaled, optimized, responsive and delivered through a blazing-fast CDN. Three new plugins were added to support it:
  • #1338: Keystroke labels are displayed for function keys (like F7, F8).
  • #643: The File Browser plugin can now upload files using XHR requests. This allows for setting custom HTTP headers using the config.fileTools_requestHeaders configuration option.
  • #1365: The File Browser plugin uses XHR requests by default.
  • #1399: Added the possibility to set CKEDITOR.config.startupFocus as start or end to specify where the editor focus should be after the initialization.
  • #1441: The Magic Line plugin line element can now be identified by the data-cke-magic-line="1" attribute.

Fixed Issues:

  • #595: Fixed: Pasting does not work on mobile devices.
  • #869: Fixed: Empty selection clears cached clipboard data in the editor.
  • #1419: Fixed: The Widget Selection plugin selects the editor content with the Alt+A key combination on Windows.
  • #1274: Fixed: Balloon Toolbar does not match a single selected image using the contextDefinition.cssSelectormatcher.
  • #1232: Fixed: Balloon Toolbar buttons should be registered as focusable elements.
  • #1342: Fixed: Balloon Toolbar should be re-positioned after the change event.
  • #1426: [IE8-9] Fixed: Missing Balloon Toolbar background in the Kama skin. Thanks to Christian Elmer!
  • #1470: Fixed: Balloon Toolbar is not visible after drag and drop of a widget it is attached to.
  • #1048: Fixed: Balloon Panel is not positioned properly when a margin is added to its non-static parent.
  • #889: Fixed: Unclear error message for width and height fields in the Image and Enhanced Image plugins.
  • #859: Fixed: Cannot edit a link after a double-click on the text in the link.
  • #1013: Fixed: Paste from Word does not work correctly with the config.forcePasteAsPlainText option.
  • #1356: Fixed: Border parse function does not allow spaces in the color value.
  • #1010: Fixed: The CSS border shorthand property was incorrectly expanded ignoring the border-color style.
  • #1535: Fixed: Widget mouseover border contrast is insufficient.
  • #1516: Fixed: Fake selection allows removing content in read-only mode using the Backspace and Delete keys.
  • #1570: Fixed: Fake selection allows cutting content in read-only mode using the Ctrl/Cmd + X keys.
  • #1363: Fixed: Paste notification is unclear and it might confuse users.

API Changes:

Other Changes:

  • Updated SCAYT (Spell Check As You Type) and WebSpellChecker plugins:
    • SCAYT scayt_minWordLength configuration option now defaults to 3 instead of 4.
    • SCAYT default number of suggested words in the context menu changed to 3.
    • #90: Fixed: Selection is lost on link creation if SCAYT highlights the word.
    • Fixed: SCAYT crashes when the browser localStorage is disabled.
    • [IE11] Fixed: Unable to get property type of undefined or null reference error in the browser console when SCAYT is disabled/enabled.
    • #46: Fixed: Editing is blocked when remote spell checker server is offline.
    • Fixed: User Dictionary cannot be created in WSC due to You already have the dictionary error.
    • Fixed: Words with apostrophe ' on the replacement make the WSC dialog inaccessible.
    • Fixed: SCAYT/WSC causes the Uncaught TypeError error in the browser console.
  • #1337: Updated the samples layout with the new CKEditor 4 logo and color scheme.
  • #1591: CKBuilder and language tools are now downloaded over HTTPS. Thanks to August Detlefsen!

CKEditor 4.8.0

Important Notes:

New Features:

  • #933: Introduced Balloon Toolbar plugin.
  • #662: Introduced image inlining for the Paste from Word plugin.
  • #468: [Edge] Introduced support for the Clipboard API.
  • #607: Manually inserted Hex color is prefixed with a hash character (#) if needed. It ensures a valid Hex color value is used when setting the table cell border or background color with the Color Dialog window.
  • #584Font size and Family and Format drop-downs are not toggleable anymore. Default option to reset styles added.
  • #856: Introduced the CKEDITOR.tools.keystrokeToArray method. It converts a keystroke into its string representation, returning every key name as a separate array element.
  • #1053: Introduced the CKEDITOR.tools.object.merge method. It allows to merge two objects, returning the new object with all properties from both objects deeply cloned.
  • #1073: Introduced the CKEDITOR.tools.array.every method. It invokes a given test function on every array element and returns true if all elements pass the test.

Fixed Issues:

  • #796: Fixed: A list is pasted from OneNote in the reversed order.
  • #834: [IE9-11] Fixed: The editor does not save the selected state of radio buttons inserted by the Form Elementsplugin.
  • #704: [Edge] Fixed: Using Ctrl/Cmd + Z breaks widget structure.
  • #591: Fixed: A column is inserted in a wrong order inside the table if any cell has a vertical split.
  • #787: Fixed: Using Cut inside a nested table does not cut the selected content.
  • #842: Fixed: List style not restored when toggling list indent level in the Indent List plugin.
  • #711: Fixed: Dragging widgets should only work with the left mouse button.
  • #862: Fixed: The "Object Styles" group in the Styles Combo plugin is visible only if the whole element is selected.
  • #994: Fixed: Typo in the CKEDITOR.focusManager.focus API documentation. Thanks to benjy!
  • #1014: Fixed: The Table Tools Cell Properties dialog is now Advanced Content Filter aware — it is not possible to change the cell width or height if corresponding styles are disabled.
  • #877: Fixed: A list with custom bullets with exotic characters crashes the editor when pasted from Word.
  • #605: Fixed: Inline widgets do not preserve trailing spaces.
  • #1008: Fixed: Shorthand Hex colors from the config.colorButton_colors option are not correctly highlighted in the Color Button Text Color or Background Color panel.
  • #1094: Fixed: Widget definition upcast methods are called for every element.
  • #1057: Fixed: The Notification plugin overwrites Web Notifications API due to leakage to the global scope.
  • #1068: Fixed: Upload widget paste listener ignores changes to the uploadWidgetDefinition.
  • #921: Fixed: [Edge] CKEditor erroneously perceives internal copy and paste as type "external".
  • #1213: Fixed: Multiple images uploaded using Upload Image plugin are randomly duplicated or mangled.
  • #532: Fixed: Removed an outdated user guide link from the About dialog.
  • #1221: Fixed: Invalid CSS loaded by Balloon Panel plugin when config.skin is loaded using a custom path.
  • #522: Fixed: Widget selection is not removed when widget is inside table cell with Table Selection plugin enabled.
  • #1027: Fixed: Cannot add multiple images to the table with Table Selection plugin in certain situations.
  • #1069: Fixed: Wrong shape processing by Paste from Word plugin.
  • #995: Fixed: Hyperlinked image gets inserted twice by Paste from Word plugin.
  • #1287: Fixed: Widget plugin throws exception if included in editor build but not loaded into editor's instance.

API Changes:

Other Changes:

  • #815: Removed Node.js dependency from the CKEditor build script.
  • #1041#1131: Updated URLs pointing to CKSource and CKEditor resources after the launch of new websites.

CKEditor 4.7.3

New Features:

Fixed Issues:

  • #554: Fixed: change event not fired when typing the first character after pasting into the editor. Thanks to Daniel Miller!
  • #566: Fixed: The CSS border shorthand property with zero width (border: 0px solid #000;) causes the table to have the border attribute set to 1.
  • #779: Fixed: The Remove Format plugin removes elements with language definition inserted by the Languageplugin.
  • #423: Fixed: The Paste from Word plugin pastes paragraphs into the editor even if CKEDITOR.config.enterModeis set to CKEDITOR.ENTER_BR.
  • #719: Fixed: Image inserted using the Enhanced Image plugin can be resized when the editor is in read-only mode.
  • #577: Fixed: The "Delete Columns" command provided by the Table Tools plugin throws an error when trying to delete columns.
  • #867: Fixed: Typing into a selected table throws an error.
  • #817: Fixed: The Save plugin does not work in Source Mode.

Other Changes:

Twitter Facebook Facebook Instagram Medium Linkedin GitHub Arrow down Phone Menu Close icon Check