限制允许的html元素/从编辑器中删除有害脚本

时间:2011-05-24 作者:EddyR

如何限制Wordpress 3.1中tinymce编辑器中允许的html元素,并确保删除了有害的脚本(脚本/嵌入标记等)

1 个回复
最合适的回答,由SO网友:Will Ashworth 整理而成

Adjust HTML-Filter:

<?php
function fb_change_mce_options($initArray) {
    // Comma separated string od extendes tags
    // Command separated string of extended elements
    $ext = \'pre[id|name|class|style],iframe[align|longdesc|name|width|height|frameborder|scrolling|marginheight|marginwidth|src]\';
    if ( isset( $initArray[\'extended_valid_elements\'] ) ) {
        $initArray[\'extended_valid_elements\'] .= \',\' . $ext;
    } else {
        $initArray[\'extended_valid_elements\'] = $ext;
    }
    // maybe; set tiny paramter verify_html
    //$initArray[\'verify_html\'] = false;
    return $initArray;
}
add_filter(\'tiny_mce_before_init\', \'fb_change_mce_options\');
?>

Customizing the function of the buttons in your Editor:

<?php
function fb_change_mce_buttons( $initArray ) {
    //@see http://wiki.moxiecode.com/index.php/TinyMCE:Control_reference
    $initArray[\'theme_advanced_blockformats\'] = \'p,address,pre,code,h3,h4,h5,h6\';
    $initArray[\'theme_advanced_disable\'] = \'forecolor\';
    return $initArray;
}
add_filter(\'tiny_mce_before_init\', \'fb_change_mce_buttons\');
?>

Change language of spelling:

<?php
function fb_mce_external_languages($initArray){
    $initArray[\'spellchecker_languages\'] = \'+German=de, English=en\';
    return $initArray;
}
add_filter(\'tiny_mce_before_init\', \'fb_mce_external_languages\');
?>

The default values of WordPress:

\'mode\' => \'specific_textareas\'
\'editor_selector\' => \'theEditor\'
\'width\' => \'100%\'
\'theme\' => \'advanced\'
\'skin\' => \'wp_theme\'
\'theme_advanced_buttons1\' => \'bold,italic,strikethrough,|,bullist,numlist,blockquote,|,justifyleft,justifycenter,justifyright,|,link,unlink,wp_more,|,spellchecker,fullscreen,wp_adv\'
\'theme_advanced_buttons2\' => \'formatselect,underline,justifyfull,forecolor,|,pastetext,pasteword,removeformat,|,media,charmap,|,outdent,indent,|,undo,redo,wp_help\'
\'theme_advanced_buttons3\' => \'\'
\'theme_advanced_buttons4\' => \'\'
\'language\' => \'de\'
\'spellchecker_languages\' => \'English=en,Danish=da,Dutch=nl,Finnish=fi,French=fr,+German=de,Italian=it,Polish=pl,Portuguese=pt,Spanish=es,Swedish=sv\'
\'theme_advanced_toolbar_location\' => \'top\'
\'theme_advanced_toolbar_align\' => \'left\'
\'theme_advanced_statusbar_location\' => \'bottom\'
\'theme_advanced_resizing\' => true
\'theme_advanced_resize_horizontal\' => false
\'dialog_type\' => \'modal\'
\'relative_urls\' => false
\'remove_script_host\' => false
\'convert_urls\' => false
\'apply_source_formatting\' => false
\'remove_linebreaks\' => true
\'gecko_spellcheck\' => true
\'entities\' => \'38,amp,60,lt,62,gt\'
\'accessibility_focus\' => true
\'tabfocus_elements\' => \'major-publishing-actions\'
\'media_strict\' => false
\'paste_remove_styles\' => true
\'paste_remove_spans\' => true
\'paste_strip_class_attributes\' => \'all\'
\'wpeditimage_disable_captions\' => false
\'plugins\' => \'safari,inlinepopups,spellchecker,paste,wordpress,media,fullscreen,wpeditimage,wpgallery,tabfocus\'
我希望这对你有帮助。你应该能够改变任何你喜欢的事情。

结束
标签: customization   tinymce   visual-editor   post-editor   小码农  

相关推荐

在将按钮添加到tinyMCE编辑器时,如何使它们换行到下一行和/或显示在“Kitchen Sink”区域?

我正在Wordpress中成功地将按钮添加到TinyMCE编辑器中,但问题是它们都显示在厨房水槽按钮的右侧,我有太多的按钮,我需要它们显示在新的一行上。如何使按钮换行到下一行和/或为自定义按钮创建新行?这是我的代码:tinymce.create(\'tinymce.plugins.boxlight\', { init : function(ed, url) { ed.addButton(\'boxlight\', { title :