Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
When using HTML Filter on flash embedding markup, HTML Filter replaces:
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" height="200" width="200">[...]</object>
by:
<object classid="d27cdb6e-ae6d-11cf-96b8-444553540000" height="200" width="200">[...]</object>
The clsid: prefix is removed, thus preventing flash content to show up in Internet Explorer.
Comment | File | Size | Author |
---|---|---|---|
#4 | drupal.filter-clsid.4.patch | 1.88 KB | sun |
Comments
Comment #1
GreenReaperSame here, but I'm also seeing this in Drupal 6.19. Subscribing.
Comment #2
taslett CreditAttribution: taslett commentedIn D7 the function drupal_strip_dangerous_protocols http://api.drupal.org/api/function/drupal_strip_dangerous_protocols/7
contains a list of allowed protocols.
There is a variable filter_allowed_protocols which it attempts to read from although I can't see where it is actually set.
I'm not sure if the clsid is considered dangerous, if it should be added to the list or added via a config settings page somewhere if needed.
Comment #3
anrikun CreditAttribution: anrikun commentedFYI, the CKEditor SWF module provides a workaround to this issue.
Comment #4
sunNo harm in adding that, I think.
Comment #5
sun#4: drupal.filter-clsid.4.patch queued for re-testing.
Comment #7
sun#4: drupal.filter-clsid.4.patch queued for re-testing.
Comment #9
sun#4: drupal.filter-clsid.4.patch queued for re-testing.