Allow / disallow some html tags

Hi all,
I need for my page a configuration, that allows handling each html tag seperatly, if it can be pasted and displayed or not. Allowed tags should be <ul>,<ol>,<li>, <br /> for example, not allowed ones would be <h1>-<h6>, <p>, <img>... (though it should be allowed to enter an image using the editor's add-image button)
I already looked a lot through the FAQ and found some options to config pasting over word:

config.enterMode = 2;
config.CleanWordKeepsStructure = true;
config.pasteFromWordRemoveFontStyles = true;

but copying content to word and then again to the ckeditor is not a good alternative. As there can still be headings or similar content included.

I was going to write a custom/overwrite a paste method, that analyzes the pasted text and fires an alert if unallowed tags with attributes are found and gives the opportunity "to clean up", but I thought it might be clever to ask here, if there is maybe a simpler or already existing solution for that :) Or if anyone could give some advices about what is the best practice to add a custom paste method, I would appreciate it very much.

Thanks,
Conrad

Wed, 05/26/2010 - 09:01

yfrommelt

Joined: 24/02/2010

Posts: 49

Re: Allow / disallow some html tags

I created a plugin for automatic cleaning tags.

plugins/autoclean/plugin.js

/*******************************************************************************
Create Date : 15/02/2010
----------------------------------------------------------------------
Plugin name : autoclean
Version : 1.0
Author : Frommelt Yoann
Description : permet de faire un netoyage des balise HTML compatible avec HTML2PDF
********************************************************************************/

//liste des tags autorisé, ce sont ceux géré par la bibliothèque html2pdf, les autres balises sont interdites et seront affichée au lieu d'être interprétées
var arra_tag_autorise=new Array('a','b','big','blockquote','br','cite','code','div','em','font','form',
'h1','h2','h3','h4','h5','h6','hr','i','img','input','li','link','ol','option','p','pre','s','samp','select','small',
'span','strong','style','sub','sup','table','tbody','td','textarea','tfoot','th','thead','tr','u','ul');
//la liste des tags qui sont interdit et qui seront supprimés
var arra_tag_interdit=new Array('title','o');


CKEDITOR.plugins.add('autoclean',{
  beforeInit:function(editor){
    addEventOn(editor);
  }
})

function addEventOn(editor) {
  editor.on('paste', function (evt){
    //alert("autoclean");
    // on recupere le contenu du collé
    var html = evt.data['html'];
    // on netoi le code qui provien de word
    var cleanhtml = autoClean(html);
    // on effectue le traitement des balises en fonction des liste blanche / noir
    var protectedhtml = protectTag(cleanhtml);
    // on retourne le contenu netoyer a coller
    evt.data['html'] = protectedhtml;
  });
}

function autoClean(html) {
  //alert(html);
   html = html.replace(/<o:p>\s*<\/o:p>/g, '') ;
   html = html.replace(/<o:p>[\s\S]*?<\/o:p>/g, '&nbsp;') ;

   // Remove mso-xxx styles.
   html = html.replace( /\s*mso-[^:]+:[^;"]+;?/gi, '' ) ;

   // Remove margin styles.
   html = html.replace( /\s*MARGIN: 0cm 0cm 0pt\s*;/gi, '' ) ;
   html = html.replace( /\s*MARGIN: 0cm 0cm 0pt\s*"/gi, "\"" ) ;

   html = html.replace( /\s*TEXT-INDENT: 0cm\s*;/gi, '' ) ;
   html = html.replace( /\s*TEXT-INDENT: 0cm\s*"/gi, "\"" ) ;

   html = html.replace( /\s*TEXT-ALIGN: [^\s;]+;?"/gi, "\"" ) ;

   html = html.replace( /\s*PAGE-BREAK-BEFORE: [^\s;]+;?"/gi, "\"" ) ;

   html = html.replace( /\s*FONT-VARIANT: [^\s;]+;?"/gi, "\"" ) ;

   html = html.replace( /\s*tab-stops:[^;"]*;?/gi, '' ) ;
   html = html.replace( /\s*tab-stops:[^"]*/gi, '' ) ;

   // Remove Class attributes
   html = html.replace(/<(\w[^>]*) class=([^ |>]*)([^>]*)/gi, "<$1$3") ;

   // Remove style, meta and link tags
   html = html.replace( /<STYLE[^>]*>[\s\S]*?<\/STYLE[^>]*>/gi, '' ) ;
   html = html.replace( /<(?:META|LINK)[^>]*>\s*/gi, '' ) ;

   // Remove empty styles.
   html =  html.replace( /\s*style="\s*"/gi, '' ) ;

   html = html.replace( /<SPAN\s*[^>]*>\s*&nbsp;\s*<\/SPAN>/gi, '&nbsp;' ) ;

   html = html.replace( /<SPAN\s*[^>]*><\/SPAN>/gi, '' ) ;

   // Remove Lang attributes
   html = html.replace(/<(\w[^>]*) lang=([^ |>]*)([^>]*)/gi, "<$1$3") ;

   html = html.replace( /<SPAN\s*>([\s\S]*?)<\/SPAN>/gi, '$1' ) ;

   html = html.replace( /<FONT\s*>([\s\S]*?)<\/FONT>/gi, '$1' ) ;

   // Remove XML elements and declarations
   html = html.replace(/<\\?\?xml[^>]*>/gi, '' ) ;

   // Remove w: tags with contents.
   html = html.replace( /<w:[^>]*>[\s\S]*?<\/w:[^>]*>/gi, '' ) ;

   // Remove Tags with XML namespace declarations: <o:p><\/o:p>
   html = html.replace(/<\/?\w+:[^>]*>/gi, '' ) ;

   // Remove comments [SF BUG-1481861].
   html = html.replace(/<\!--[\s\S]*?-->/g, '' ) ;

   html = html.replace( /<(U|I|STRIKE)>&nbsp;<\/\1>/g, '&nbsp;' ) ;

   html = html.replace( /<H\d>\s*<\/H\d>/gi, '' ) ;

   // Remove "display:none" tags.
   html = html.replace( /<(\w+)[^>]*\sstyle="[^"]*DISPLAY\s?:\s?none[\s\S]*?<\/\1>/ig, '' ) ;

   // Remove language tags
   html = html.replace( /<(\w[^>]*) language=([^ |>]*)([^>]*)/gi, "<$1$3") ;

   // Remove onmouseover and onmouseout events (from MS Word comments effect)
   html = html.replace( /<(\w[^>]*) onmouseover="([^\"]*)"([^>]*)/gi, "<$1$3") ;
   html = html.replace( /<(\w[^>]*) onmouseout="([^\"]*)"([^>]*)/gi, "<$1$3") ;
   
   //alert(html);
   return html;
}

//permet de protéger le code en n'acceptant que certainne balise html
function protectTag(html) {
  var stri_tag=arra_tag_autorise.join('|');
  var stri_res=html;

  var reg1=new RegExp("<([^>]*)>", "gi");
  stri_res=stri_res.replace(reg1,'&lt;$1&gt;');//on remplace les < et les > pour chaque balises

  var stri_tag_interdit=arra_tag_interdit.join('|');
  var reg3=new RegExp("&lt;(/?("+stri_tag_interdit+") ?[^&]*)&gt;", "gi");
  stri_res=stri_res.replace(reg3,'');//suppression des tags interdit

 // var reg2=new RegExp("&lt;(/?("+stri_tag+") ?[^&]*)&gt;", "gi");
  var reg2=new RegExp("&lt;(/?("+stri_tag+")( [^&]*)?)&gt;", "gi");
 
  stri_res=stri_res.replace(reg2,'<$1>');//on remet l'accès au tags autorisés

  return stri_res;
}

config.js

config.extraPlugins = 'autoclean';

Wed, 05/26/2010 - 14:53

conrad

Joined: 25/05/2010

Posts: 2

Re: Allow / disallow some html tags

Thank you very much! It is exactly what I was looking for.

Mon, 06/28/2010 - 13:00

madhuri_kr

Joined: 28/06/2010

Posts: 1

Re: Allow / disallow some html tags

Hi, I am trying to create a plugin similar to autoclean for automatic cleaning tags. when we Ctrl+V in the text area of the editor. But for some reason the plugin is loaded but the following line is never executed.
Requesting for help at the earliest.

CKEDITOR.plugins.add('autoclean', {
init: function(editor) {

editor.on('paste', function(evt) {

//////////////////IT NEVER REACHES HERE WHEN I DO A PASTE IN THE TEXT AREA>[/color]
alert("In the function"); });
}
})
It will be of great help if some one can find a solution for my problem.

var editorinstance = CKEDITOR.replace('editDisclosures', {
resize_enabled: true,
contentsCss: baseUrl + "Content/contents.css",
resize_enabled: true,
toolbarStartupExpanded: true,
fontSize_sizes: '16/16px;24/24px;48/48px;',
fontSize_defaultLabel: '12px',
font_names: 'Arial;Times New Roman;Verdana',
font_defaultLabel: 'Arial',
extraPlugins: 'autoclean',
height: 230,
toolbar: [
['Bold', 'Italic', 'Underline', '-'],
['Link', 'Unlink', 'TextColor', 'BGColor', 'NumberedList', 'BulletedList']
]

});

thanks
Madhuri

Tue, 05/14/2013 - 19:15

michaelmuller

Joined: 11/03/2005

Posts: 9

something in the config?

Isn't there something in the config which will allow CKedit to just allow all HTML tags?

Allow / disallow *some* html tags

Re: Allow / disallow *some* html tags

Re: Allow / disallow *some* html tags

Re: Allow / disallow *some* html tags

something in the config?

Allow / disallow some html tags

Re: Allow / disallow some html tags

Re: Allow / disallow some html tags

Re: Allow / disallow some html tags