I'm using Drupal 5.7 and inserted Youtube code directly into my node body. Set my input format to Full HTML and also allowed the tag in the Full HTML format under the Input Format settings.

When I insert the code and then go back to rich text via Tinymce I can see the video. However, when I submit the node. All I get is a place holder. I also cleared cache and ran cron just to make sure that they were not an issue.

Any ideas on how to fix? Thanks in advance.

Comments

arh1’s picture

does the markup in your rendered page look exactly like the youtube's "embed" markup? can you provide a URL?

Thomasr976’s picture

I'm still testing the site. This is what the code looks like from Youtube, the edit view and the View Source in IE6.0.

This is the embedded code from Youtube:

<object width="425" height="355"><param name="movie" value="http://www.youtube.com/v/TkrRblKLvJw&hl=en"></param><param name="wmode" value="transparent"></param><embed src="http://www.youtube.com/v/TkrRblKLvJw&hl=en" type="application/x-shockwave-flash" wmode="transparent" width="425" height="355"></embed></object>

This is what is in my node when I am editing it:

<object width="425" height="355">
	<param name="movie" value="http://www.youtube.com/v/TkrRblKLvJw&amp;hl=en">
	</param>
	<param name="wmode" value="transparent">
	</param>
</object>

This is what is in my view source of the web page:

See if you agree. </p>
<p><object width="425" height="355"></p>
<p></object></p>

I have set full html for

and . This is what Full HTML looks like in so far as allowed tags.
Allowed HTML tags: <a> <em> <strong> <b><cite> <code> <ul> <ol> <li> <dl> <dt> <dd><img><script><object><embed><form><inline><iframe>
Use the special tag [adsense:format:group:channel] or [adsense:flexiblock:location] to display Google AdSense ads.
Web page addresses and e-mail addresses turn into links automatically.
Lines and paragraphs break automatically.
Thanks for taking a look.
arh1’s picture

so you added an HTML filter to your Full HTML input format...

i don't see <param> in your list of allowed tags. (note that i'm not sure what security risks might be exposed by use of that tag -- be sure to research that. and keep in mind that Full HTML -- i.e. with no filters -- is a security risk in and of itself, and should only be allowed for highly trusted users.)

also the line break converter is what's wrapping <p> tags around each line. you'll need to either remove that filter, or put all of the object/embed code on one line (may not validate).

Thomasr976’s picture

Took your advice and researched the Youtube security risks (see http://www.google.com/search?q=youtube+code+security+risks&ie=utf-8&oe=u...
). There appear to be cross site scripting vulnerabilities and lots of security holes according to a white hat hacker. No specifics on the latter though. Who knows.

So I eliminated the embed tag and never used the param tag. I am still using the Youtube video, but just linking to the actual video page. Just in case you are wondering only the administer has rights to use the Full HTML input format.

Really appreciate the time you spent helping me. Also thanks to other responders.

scoutbaker’s picture

This appears to be related to http://drupal.org/node/229102.

"Nice to meet you Rose...run for your life." - The Doctor

giorgosk’s picture

Had same problem with drupal 6 and tinymce 3
this could help you out
http://drupal.org/node/249946#comment-892229

------
GiorgosK
Geoland Web development / web marketing

------
GiorgosK
Web Development