TinyMCE converting > to >

2
votes

Ok, so I have been looking into this for a while now but from I can gather there is currently no option in TinyMCE to disable certain characters from being converted to entities.

I can understand the reason behind this, valid HTML is always nice, however, I really need a way to stop this, I have an email template editor where the client can edit there email templates and insert certain template variables (i.e. Account::first()->first_name which grabs the first name of the customer).

TinyMCE is converting -> to ->

Is there anyway I can prevent this on the TinyMCE side of things?

1
javascripttinymcewysiwygtinymce-4
How are you getting content from TinyMCE?Amadan
Isn't that irrelevant? As it is TinyMCE changing the characters before the text is being saved to the database? The content is TinyMCE is from a PHP var.ChrisBratherton
Not getting it into TinyMCE - getting it out. You are getting HTML markup. HTML will always have > in it; TinyMCE is not changing anything, it is giving you the HTML as it is represented in the DOM. You want to transform it additionally into something else.Amadan
It's not as bad with >, but it would be catastrophic with <: <p> foo &lt; bar </p> ends up as non-parsable <p> foo < bar </p>. What do you propose to happen? And if you know that you only write plaintext, you could just strip tags and convert to text (actually, extremely easily - $('<div/>').html(tinyMCE.activeEditor.getContent()).text() or slightly longer plainJS equivalent - but then why use TinyMCE and not textarea?Amadan
Sorry, I'm not quite understanding. My TinyMCE is not in plain HTML mode, its for the client to make things bold, change colour, fonts etc. So it has all the standard TinyMCE options. If a > character is entered within this text area next to say a bolded element, TinyMCE is encoding the character as &gt; which makes sense I guess, but I want this to stop?ChrisBratherton

1 Answers

1
votes

As I said extensively in comments - it makes no sense to stop TinyMCE producing valid HTML, because the results become unpredictable.

Instead, de-HTML-ify the template tags and only them to produce the correct template:

function sanitizeTemplate(content) {
  var div = document.createElement('div');
  return content.replace(/{{.*?}}/g, function(mustache) {
    div.innerHTML = mustache;
    return div.textContent;
  });
}

// var content = tinyMCE.activeEditor.getContent();
content = "<p>Dear {{ Account::first()-&gt;first_name }}</p><p>Thank you for not using &lt;script&gt; tags.</p>";

snippet.log("Received from editor:");
snippet.log(content);
var template = sanitizeTemplate(content);
snippet.log("The fixed template:");
snippet.log(template);
<!-- Provides the `snippet` object, see http://meta.stackexchange.com/a/242144/134069 -->
<script src="http://tjcrowder.github.io/simple-snippets-console/snippet.js"></script>

Note that here everything that is not a template tag still remains intact, and valid HTML (in particular, the <script> that the user typed will not magically become a HTML tag and try to get executed).