blackteay/ThinkAdmin
1
0
Fork 0
mirror of https://gitee.com/zoujingli/ThinkAdmin.git synced 2025-04-05 19:41:44 +08:00
Code Issues Projects Releases Wiki Activity

编辑器xss过滤

Browse Source
This commit is contained in:
邹景立 2021-09-15 14:35:03 +08:00
parent 0d986db969
commit 94b9b68b4f
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
public/static/plugs/ckeditor/config.js
View File

@ -8,11 +8,13 @@ CKEDITOR.editorConfig = function (config) {
{name: 'uimage', items: ['Link', 'Unlink', 'Table', 'UploadImage', 'UploadMusic', 'UploadVideo', 'UploadHtml']},
{name: 'tools', items: ['Maximize']}
];
config.allowedContent = true;
config.format_tags = 'p;h1;h2;h3;pre';
config.extraPlugins = 'uimage,umusic,uhtml,uvideo';
config.removeButtons = 'Underline,Subscript,Superscript';
config.removeDialogTabs = 'image:advanced;link:advanced';
// 内容过滤
config.allowedContent = {$1: {elements: CKEDITOR.dtd, attributes: true, styles: true, classes: true}};
config.disallowedContent = 'script; *[on*]';
config.font_names = '微软雅黑/Microsoft YaHei;宋体/SimSun;新宋体/NSimSun;仿宋/FangSong;楷体/KaiTi;黑体/SimHei;' + config.font_names;
};