Skip to:
Content
Pages
Categories
Search
Top
Bottom

Inserting videos via TinyMCE plugin is escaping the source tag for non-admin use


  • Chuckie
    Participant

    @ajtruckle

    4 years, 11 months ago

    So I am using this extra function so that extra HTML tags are not stripped for non-admin users:

    add_filter( 'bbp_kses_allowed_tags', 'ntwb_bbpress_custom_kses_allowed_tags' );

function ntwb_bbpress_custom_kses_allowed_tags() {
	return array(

		// Links
		'a'          => array(
			'class'    => true,
			'href'     => true,
			'title'    => true,
			'rel'      => true,
			'class'    => true,
			'target'   => true,
		),

		// Quotes
		'blockquote' => array(
			'cite'     => true,
		),
		
		// Div
		'div' => array(
			'class'     => true,
		),
		
		// Span
		'span'          => array(
			'class'     => true,
			'style'     => true,
		),

		// Paragraph
		'p'          => array(
			'dir'    => true,
			'style'  => true,
		),
		
		// Code
		'code'       => array(),
		'pre'        => array(
		'class'      => true,
		),

		// Formatting
		'em'         => array(),
		'strong'     => array(),
		'del'        => array(
			'datetime' => true,
		),

		// Lists
		'ul'         => array(),
		'ol'         => array(
			'start'    => true,
		),
		'li'         => array(),

		// Images
		'img'        => array(
			'class'    => true,
			'src'      => true,
			'border'   => true,
			'alt'      => true,
			'height'   => true,
			'width'    => true,
		),

		// Tables
		'table'      => array(
			'align'    => true,
			'bgcolor'  => true,
			'border'   => true,
		),
		'tbody'      => array(
			'align'    => true,
			'valign'   => true,
		),
		'td'         => array(
			'align'    => true,
			'valign'   => true,
		),
		'tfoot'      => array(
			'align'    => true,
			'valign'   => true,
		),
		'th'         => array(
			'align'    => true,
			'valign'   => true,
		),
		'thead'      => array(
			'align'    => true,
			'valign'   => true,
		),
		'tr'         => array(
			'align'    => true,
			'valign'   => true,
		),
		'video'      => array(
			'controls' => true,
			'width'    => true,
			'height'   => true,
			'source'     => array(
				'src'    => true,
				'type'	 => true
			)
		)
	);
} 
// ==============================================================

    Notice the section at the end for videos? This is the issue. These videos are inserted using the TinyMCE Video plugin. Once it is inserted it looks something like this:

    <video controls="controls" width="300" height="150">
<source src="https://www.publictalksoftware.co.uk/videos/forum/pts-test-video.mp4" type="video/mp4" /></video>

    The problem is that for a non-admin user the < and /> wrapped around the source tag is getting escaped. Thus the syntax is not correct and the video module will not play.

    Robin suggested I switch off moderation:

    add_filter( 'bbp_bypass_check_for_moderation', '__return_true' );
    And to try removing this filter:

    remove_filter( 'bbp_new_reply_pre_content', 'bbp_filter_kses', 30 );

    But i can’t get it to work. The only way to insert one of these videos is if a admin user does it so that the escaping of the source tag does not happen.

    Can this be resolved?

    It is not a bug with the TinyMCE Video plugin. It is a bug only with non admin users inserting the videos. I assumed BBPress is escaping the inner content. Anyone got any ideas?

    Thanks.

Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
  • The topic ‘Inserting videos via TinyMCE plugin is escaping the source tag for non-admin use’ is closed to new replies.

Topic Info

Skip to toolbar