Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.I'd like to use Paste format in order to clean up pasted html before saving. Since I'm already using wysiwyg_filter I'd like to use that for a 'cleanup format'.
One use case it to prevent users from pasting base-64 encoded images from Word etc. into the html. The WYSIWYG API + CKEditor forced cleanup setting prevents most of this, but (depending on the browser?), some users are still able to paste in these images.
Could wysiwyg_filter be made to filter out such instances? HTML looks like this:
<img src="data:image/png;base64,xxxxxx" />, where xxxxxx is a ridiculously long string.
| Comment | File | Size | Author |
|---|---|---|---|
| #1 | wysiwyg_filter_filter_image_src_attr-1864732-1.patch | 798 bytes | Mouna Hammami |
Comments
Comment #1
Mouna Hammami CreditAttribution: Mouna Hammami commentedHi,
I have had the same problem when i activated wysiwyg_filter in my Drupal site
After searching for hours in the code of the module, i could note that the problem is caused by the call of filter_xss_bad_protocol for src attributes of img element.
To solve the problem, i have excluded src attributes og img elements from the filter_xss_bad_protocol call and this works fine!
You can try it by applying this patch
Comment #2
geek-merlinSee #2822952: Do not Filter src="data:image..." base-64-encoded images