I try to make a filter not allowing all tags, but at least it should make TinyMCE somewhat WYSIWYG. I added them to "Allowed HTML tags" but still the keep being filtered out. Is this a bug?

CommentFileSizeAuthor
#9 filter.module-xhtml-close-tag_02.patch465 bytesfrjo
#8 filter.module-xhtml-close-tag.patch528 bytestclineks
Support from Acquia helps fund testing for Drupal Acquia logo

Comments

ñull’s picture

ñull CreditAttribution: ñull commented

Sorry. The "them" I added to "Allowed HTML tags" were
and
.

ñull’s picture

ñull CreditAttribution: ñull commented

I added these to "Allowed HTML tags": <br> </br>

alexanderpas’s picture

alexanderpas CreditAttribution: alexanderpas commented
Title: Permitting <br /> » Permitting <br />, <hr />, <img /> etc. while keeping XHTML 1.0 Strict Compliance
Category: support » bug

i noticed that is is inpossible to add any self-closing xhtml codes in the proper way so it keeps XHTML Strict Compliance

frjo’s picture

frjo CreditAttribution: frjo commented
Title: Permitting <br />, <hr />, <img /> etc. while keeping XHTML 1.0 Strict Compliance » HTML filter breaking XHTML 1.0 Strict Compliance by removing closing slash at end of tag

I have noticed this also. The HTML filter will convert

<img src="path/to/image.jpg" />

in to this

<img src="path/to/image.jpg">

breaking XHTML 1.0 Strict Compliance.

chx’s picture

chx CreditAttribution: chx commented
Status: Active » Fixed

4.6.4 and on has filter_xss which takes special care to keep the XHTML slash.

frjo’s picture

frjo CreditAttribution: frjo commented
Version: 4.6.2 » 4.6.4
Status: Fixed » Active

I missed to change the version info, sorry.

I have this problem with 4.6.4, and setting line 1097 in filter.module,v 1.57.2.10

  // Is there a closing XHTML slash at the end of the attributes?
  $xhtml_slash = preg_match('%\s/\s*$%', $attr) ? '/' : '';

to this

  // Is there a closing XHTML slash at the end of the attributes?
  $xhtml_slash =  '/';

doesn't help.

(I believe $attr should be $attrlist since $attr is never set in function _filter_xss_split and should there not be a space before the closing slash?)

frjo’s picture

frjo CreditAttribution: frjo commented
Version: 4.6.4 » 4.6.5

Problem persist with Drupal 4.6.5.

tclineks’s picture

tclineks CreditAttribution: tclineks commented
Status: Active » Needs review
FileSize
filter.module-xhtml-close-tag.patch528 bytes

$attr to $attrlist fixes this.

patch attached (patched against 4.6.5).

frjo’s picture

frjo CreditAttribution: frjo commented
FileSize
filter.module-xhtml-close-tag_02.patch465 bytes

This works for me now, I must have done something wrong when I did the testing in my last post.

I suggest we also add a space before the closing slash, that is what my patch adds.

Steven’s picture

Steven CreditAttribution: Steven commented
Status: Needs review » Fixed

I committed a slightly tweaked patch: the code would always add a space after the tag name, even if there were no attributes (e.g. <tag >) and it would not recognize the XHTML slash without the (optional) leading space (e.g. <tag/>).

Thanks.

tclineks’s picture

tclineks CreditAttribution: tclineks commented

Looks like the extra space will still be there with that commit Steven.

http://drupal.org/node/27230 is a patch for this -- your conditional is cleaner.

Steven’s picture

Steven CreditAttribution: Steven commented

Err, how? This is the code:

  // Is there a closing XHTML slash at the end of the attributes?
  $xhtml_slash = preg_match('%\s?/\s*$%', $attrlist) ? ' /' : '';

  // Clean up attributes
  $attr2 = implode(' ', _filter_xss_attributes($attrlist));
  $attr2 = preg_replace('/[<>]/', '', $attr2);
  $attr2 = strlen($attr2) ? ' '. $attr2 : '';

  return "<$elem$attr2$xhtml_slash>";

$attrlist only contains non-empty strings, without leading or trailing spaces. And $attr2 only gets prefixed with a space if it is non-empty. So, there can only be a space between $elem and $attr2, if there are attributes.

As far as the leading space for the XHTML slash, that is recommended by W3C.

tclineks’s picture

tclineks CreditAttribution: tclineks commented 
  // Is there a closing XHTML slash at the end of the attributes?
  $xhtml_slash = preg_match('%\s?/\s*$%', $attrlist) ? ' /' : '';
  // Clean up attributes
  $attr2 = implode(' ', _filter_xss_attributes($attrlist));
  $attr2 = preg_replace('/[<>]/', '', $attr2);
  $attr2 = strlen($attr2) ? ' '. $attr2 : '';
  return "<$elem $attr2$xhtml_slash>";

that's the code: last line still have space between $elem and $attr
http://cvs.drupal.org/viewcvs/drupal/drupal/modules/filter.module?r1=1.9...

tclineks’s picture

tclineks CreditAttribution: tclineks commented

Has*

Sorry about not being very clear there.

tclineks’s picture

tclineks CreditAttribution: tclineks commented

Whoops!
http://cvs.drupal.org/viewcvs/drupal/drupal/modules/filter.module?r1=1.9...
doesn't show the change on that line but it's there, fixed indeed.

Anonymous’s picture

(not verified) CreditAttribution: commented
Status: Fixed » Closed (fixed)