I'd like to use Paste format in order to clean up pasted html before saving. Since I'm already using wysiwyg_filter I'd like to use that for a 'cleanup format'.

One use case it to prevent users from pasting base-64 encoded images from Word etc. into the html. The WYSIWYG API + CKEditor forced cleanup setting prevents most of this, but (depending on the browser?), some users are still able to paste in these images.

Could wysiwyg_filter be made to filter out such instances? HTML looks like this:
<img src="data:image/png;base64,xxxxxx" />, where xxxxxx is a ridiculously long string.


Mouna Hammami’s picture

I have had the same problem when i activated wysiwyg_filter in my Drupal site
After searching for hours in the code of the module, i could note that the problem is caused by the call of filter_xss_bad_protocol for src attributes of img element.
To solve the problem, i have excluded src attributes og img elements from the filter_xss_bad_protocol call and this works fine!
You can try it by applying this patch