Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Enter chat.
Post an HTML link <a href="example.com/test">Test</a>
.
The "Enter your text message here" button will be changed to a link to mysite.com/drupal/content/example.com/test
.
Chatting in this room will become impossible until you send a normal message via "Chat" button and eventually refresh the site.
Comments
Comment #1
Anonymous (not verified) CreditAttribution: Anonymous commentedhuh, that doesn't sound good. patches welcome.
Comment #2
Anonymous (not verified) CreditAttribution: Anonymous commentedcheck_plain() and strip_tags() seem to be enough in chatroom_post_message() -function.
Like so:
Of course this might be too strict for someone else.
Comment #3
Anonymous (not verified) CreditAttribution: Anonymous commentednope.
we don't filter on the way in, only on the way out - we should always store the raw input.
on the way out, we run whatever filters are configured. if you allow full html, you allow full html.
if you don't want that, change the filter.