Rails, TinyMCE, and Blake Watters' plugin


#1

Hi,

I’ve been using your TinyMCE plug-in for Rails very happily for a while
now. I’ve run into one problem that I just can’t seem to solve and I’m
slowly going bats.

I want to allow users to paste in html forms into the TinyMCE editor. I
realize the form tags are cleaned out prior to save in order to prevent
XSS
attacks, but after a lot of looking I found that TinyMCE will allow you
to
override what gets scrubbed out.

So I changed the default code for the controller (provided by the wiki
example) from:

uses_tiny_mce(:options => {:theme => ‘advanced’,
:browsers => %w{msie gecko},
:theme_advanced_toolbar_location => “top”,
:theme_advanced_toolbar_align => “left”,
:theme_advanced_resizing => true,
:theme_advanced_resize_horizontal => false,
:paste_auto_cleanup_on_paste => true,
:theme_advanced_buttons1 => %w{formatselect
fontselect fontsizeselect bold italic underline strikethrough
separator justifyleft justifycenter justifyright indent outdent
separator bullist numlist forecolor backcolor separator link unlink
image undo redo},
:theme_advanced_buttons2 => [],
:theme_advanced_buttons3 => [],
:plugins => %w{contextmenu paste}},
:only => [:new, :edit, :show, :index])

To:

uses_tiny_mce(:options => {:theme => ‘advanced’,
:browsers => %w{msie gecko},
:extended_valid_elements =>
“form[name|id|action|method|enctype|accept-charset|onsubmit|onreset|target],input[alt|border|id|name|type|value|size|maxlength|checked|accept|src|width|height|disabled|readonly|tabindex|accesskey|onfocus|onblur|onchange|onselect],textarea[id|name|rows|cols|disabled|readonly|tabindex|accesskey|onfocus|onblur|onchange|onselect],option[name|id|value],select[id|name|type|value|size|maxlength|checked|accept|src|width|height|disabled|readonly|tabindex|accesskey|onfocus|onblur|onchange|onselect|length|options|selectedIndex]”,
:theme_advanced_toolbar_location => “top”,
:theme_advanced_toolbar_align => “left”,
:theme_advanced_resizing => true,
:theme_advanced_resize_horizontal => false,
:paste_auto_cleanup_on_paste => false,
:theme_advanced_buttons1 => %w{formatselect
fontselect fontsizeselect bold italic underline strikethrough
separator justifyleft justifycenter justifyright indent outdent
separator bullist numlist forecolor backcolor separator link unlink
image undo redo},
:theme_advanced_buttons2 => [],
:theme_advanced_buttons3 => [],
:plugins => %w{contextmenu paste}},
:only => [:new, :edit, :show, :index])

Unfortunately, that’s not doing what is expected. In fact, it’s not
doing
anything at all. In desperation I went to the public/tiny_mce.js
directory
and edited the extended_valid_elements attribute directly, but that had
the
same result… no change.

Anyone have any insights?

Joe


#2

I’ve been using your TinyMCE plug-in for Rails very happily for a while
now. I’ve run into one problem that I just can’t seem to solve and I’m
slowly going bats.

So much for proof reading, was originally going to send this to Blake
directly, but figured I’d ask the group first before bugging anyone. At
any
rate I’m using Blake’s great plugin for using TinyMCE found on the wiki
here:
http://wiki.rubyonrails.org/rails/pages/HowToUseTinyMCE

Sorry about that, must not have had enough caffeine today!