Hello,
I am trying to get my CKeditor secured from javascript tags, but the editor doen't remove the tags automatically (as in the examples that are given on the site) This means people can put in working javascript in my pages. Is there anything i can do to get this feature in my .net web application?
I think it is because i just get the text from the textarea by calling the element from my code instead of using the javascript function editor.getData(); (not shure)
Any tips on this would be great.
Tue, 05/28/2013 - 12:28
#1
you can't rely the security
That is true but...
That is true but it still doesn't explain why the filtering isn't applied to my implementation of the control. What part of the script removes the javascript from the text? I will doublecheck the code serverside but it would be nice to just remove the javascript before it goes to the server so that the javascript found on the server is not from the user of the control.
To start, it would be nice to
To start, it would be nice to know if you're using CKEditor 4.1 or an older version, and if you're using 4.1 if you've disabled the ACF.
I double checked my version
I double checked my version and I seem to not have updated the control in the right way. I just fixed it by updating it again. Thanks for the help!