for carbon forum
- 添加你的iframe src 域名到白名单过滤器
C:\Apache24\htdocs\glassgov1\common.php
open common.php, search "iframe", add your iframe src domain to white filter.
I add **'j2t.transparentgov.net', 'transparentgov.net', 'www.transparentgov.net',
'ms1.transparentgov.net',**
to **$hostWhiteList**
//跨站脚本白名单过滤 function XssEscape($html) { $filter = new WhiteHTMLFilter(); $urlFilter = function($url) { $token = parse_url($url); if (empty($token['scheme']) || in_array($token['scheme'], array('http', 'https')) === false) { return ''; } $hostWhiteList = array( 'j2t.transparentgov.net', 'transparentgov.net', 'www.transparentgov.net', 'ms1.transparentgov.net', 'www.youtube.com', 'youtube.com', 'www.youtu.be', 'youtu.be', 'player.youku.com', 'v.youku.com',
2)ueditor config 添加 iframe 元素,object 元素。
C:\Apache24\htdocs\glassgov1\static\editor\ueditor.config.js
C:\Apache24\htdocs\glassgov1\static\editor\ueditor.config.js
Open ueditor.config.js, add below 3 line code at : window.UEDITOR_CONFIG = { )
// allow embed iframe tag
,iframe: ['frameborder','src','width','height']
,object: ['type','data','width','height']
// allow embed iframe tag ,iframe: ['frameborder','src','width','height'] ,object: ['type','data','width','height']
Success embed iframe, object html tag
==============================================
Ueditor:
打开下载的ueditor目录中ueditor.config.js文件,找到如下标签白名单代码
在任意处加上如下代码,如果你所添加的iframe中还包含其它标签,只需要在数组中继续添加元素即可。
iframe: ['frameborder','src','width','height'],
=========================================================
for q2a ckeditor
No comments:
Post a Comment