I have integrated InnovaEditor in my project from where admin can enter html code to show on site.
My question is I want to prevent user to insert javascript event in html of editor.
For ex. if user add Mouse Over Here
Then onmouseover event should be removed. This feature is available in tinymce but not in innovaeditor. TinyMCE will remove events while user add code in html mode.
Can anyone help me out for this?
Huhh.. I have figured out the event on which I can use regex to clean html code.
I am using onSelectionChanged event of Innovaeditor.
oEdit1.onSelectionChanged=function(){
var html = oEdit1.getXHTMLBody();
html = html.replace(/ on\w+="[^"]*"/g, '');
html = html.replace(/<script\b[^<]*(?:(?!<\/script>)<[^<]*)*<\/script>/gi, '');
oEdit1.putHTML(html);
};
Same script used with form validation on submit.
This code will remove script tag and all events from html code.
Related
I have a HTML markup in a template which has input element. I load it via Ajax call and put in existing html using jQuery's $(selector).html(response).
Basically it is a pop up box which loads from template. After loading pop up box I want to set focus on input box. I've written this code :
$("#prescribe-input").focus() after content is appended in existing HTML but it does not work. I tried doing it in traditional javascript way too document.getElementById("prescribe-input").focus()
Both do not work. For testing purpose I tried creating sample input box in Index.html of an app and set focus. it works perfectly. The problem is when I load html from template using $().html() it does not work.
Any way to focus it properly?
I know the code is very less here but the question is self explanatory I believe.
if you are using jquery then you can use .on() on dynamically generated elements
$("#prescribe-input").on( "focus", function() {
//do what ever you want
});
You should do this in the callback function:
$(selector).html(response, function(){
$("#prescribe-input").focus();
})
I am trying to take advantage of the tags adding and removing with select2. Since we thought that removing a tag was too easy by clicking delete or the x and we want to have a remove confirmation before actually removing the tag. I was wondering if i can get some direction of how to implement since it was not in any documentation in select2. Maybe have a document on click to detect if the x is being click and backspace is being enter for the field. and prompt a user confirmation ?
http://ivaynberg.github.io/select2/index.html
Hi friends ,
we can manually block the close event ..
Here i have tried sample.. this is sameple. You can continue using this method.
select2-search-choice-close - > This is the class for close event . we can add the event and workout anything. in this sample just i added hi alert.
$(".select2-search-choice-close").click(function (e) { alert('hi'); });
I built a simple CMS in Laravel 4. I've decided to switch from my old editor to this markdown editor.
My old editor used a textbox and so all I had to do was submit the form and it was passed from the view to the controller and inserted into the database etc.
However, this new editor works by turning the markdown into html and that html is inserted within a div that looks like this:
<div id="preview" class="wmd-preview"></div>
I still want to use my old form to submit the contents of the div, so my question is this:
Is there a way to insert the contents of my "preview" div into some sort of hidden input in my form?
Alternatively, is there a better way to submit the contents of my post?
get the content of your div by its id
var a = document.getElementById('preview').innerHTML;
document.getElementById('hid').value = a //create a hidden input give it an id hid
To answer your question about firing the function every time a key is pressed, I would use a jQuery event listener like .keyup().
http://api.jquery.com/keyup/
I'm trying to start a project that requires that the javascript know every word that's typed in. An example of something I would try to accomplish would be that you would type 4 + 4, the interpreter on the webpage knows what you mean, and automatically puts = 8 on to the end of that line to show it's computed it, without having to submit anything or press any button.
I've looked into the element, but I don't want to reinvent the wheel or go against what the spec says. With putting a <textarea> as input on top of a canvas, the javascript on the page can only know what is in the textbox when the user submits the text. Is there anything out there that would help with this?
Thanks in advance!
To get the value of a textarea you can just access it via the DOM:
var textArea = document.getElementById("id-of-textarea");
To the textarea you can attach different eventlisteners, and in your case I would use onkeypress
textArea.onkeypress = function () {
var ta_value = textArea.value;
alert(ta_value);
}
Of course you'd have to write your own interpreter, I wouldn't recommend running eval on the input...
try adding a hidden input element and give it the focus when the page load is complete, and use the onkeyup handler to do whatever u want.
I was wondering if there is a way to protect a piece of html or text inside the jquery inline content editor jwysiwyg?
For example, I have a div that I externally insert to the editor and I do not want the user to modify it.
I could not capture the keypress event inside it (iframe security?) and setting the div to readonly or disabled did not work.
Any ideas?
Thanks!
Just add a click event handler for that div so it throws an alert and disables (graying out) the rest of the page; something like a login dialog (check out jQueryUI dialog - http://jqueryui.com/demos/dialog/)
Try it!
To clear the content in the editor use
$('#wysiwyg').wysiwyg('clear');
If you want to set the content of the editor on the fly you can use
$('#wysiwyg').wysiwyg('setContent' response.message);