Skip to content
Permalink
Browse files

Apply the ViewSource plugin's filter on the editor's content.

  • Loading branch information
edhager committed May 1, 2019
1 parent 70c5c02 commit 5c0da9d5890e2a7395b0e85119b141e8d988f99e
Showing with 58 additions and 7 deletions.
  1. +24 −6 _editor/plugins/ViewSource.js
  2. +34 −1 tests/editor/test_ViewSource.html
@@ -114,6 +114,15 @@ var ViewSource = declare("dijit._editor.plugins.ViewSource",_Plugin, {
this.editor = editor;
this._initButton();

// Filter the html content when it is set and retrieved in the editor.
this.removeValueFilterHandles();
this._setValueFilterHandle = aspect.before(this.editor, "setValue", lang.hitch(this, function (html) {
return [this._filter(html)];
}));
this._getValueFilterHandle = aspect.after(this.editor, "getValue", lang.hitch(this, function (html) {
return this._filter(html);
}));

this.editor.addKeyHandler(keys.F12, true, true, lang.hitch(this, function(e){
// Move the focus before switching
// It'll focus back. Hiding a focused
@@ -158,9 +167,6 @@ var ViewSource = declare("dijit._editor.plugins.ViewSource",_Plugin, {
return cmd.toLowerCase() === "viewsource";
};
this.editor.onDisplayChanged();
html = ed.get("value");
html = this._filter(html);
ed.set("value", html);
array.forEach(edPlugins, function(p){
// Turn off any plugins not controlled by queryCommandenabled.
if(p && !(p instanceof ViewSource) && p.isInstanceOf(_Plugin)){
@@ -176,7 +182,7 @@ var ViewSource = declare("dijit._editor.plugins.ViewSource",_Plugin, {
};
}

this.sourceArea.value = html;
this.sourceArea.value = ed.get("value");

// Since neither iframe nor textarea have margin, border, or padding,
// just set sizes equal
@@ -233,7 +239,7 @@ var ViewSource = declare("dijit._editor.plugins.ViewSource",_Plugin, {

this._setListener = aspect.after(this.editor, "setValue", lang.hitch(this, function(htmlTxt){
htmlTxt = htmlTxt || "";
htmlTxt = this._filter(htmlTxt);
// htmlTxt was filtered in setValue before aspect.
this.sourceArea.value = htmlTxt;
}), true);
}else{
@@ -260,8 +266,8 @@ var ViewSource = declare("dijit._editor.plugins.ViewSource",_Plugin, {
ed.queryCommandEnabled = ed._sourceQueryCommandEnabled;
if(!this._readOnly){
html = this.sourceArea.value;
html = this._filter(html);
ed.beginEditing();
// html will be filtered in setValue aspect.
ed.set("value", html);
ed.endEditing();
}
@@ -516,6 +522,17 @@ var ViewSource = declare("dijit._editor.plugins.ViewSource",_Plugin, {
return html;
},

removeValueFilterHandles: function () {
if (this._setValueFilterHandle) {
this._setValueFilterHandle.remove();
delete this._setValueFilterHandle;
}
if (this._getValueFilterHandle) {
this._getValueFilterHandle.remove();
delete this._getValueFilterHandle;
}
},

setSourceAreaCaret: function(){
// summary:
// Internal function to set the caret in the sourceArea
@@ -560,6 +577,7 @@ var ViewSource = declare("dijit._editor.plugins.ViewSource",_Plugin, {
this._setListener.remove();
delete this._setListener;
}
this.removeValueFilterHandles();
this.inherited(arguments);
}
});
@@ -9,12 +9,21 @@
<script type="text/javascript">
require([
"dojo/parser",
"dijit/registry",
"dijit/Editor",
"dijit/_editor/plugins/ViewSource",
"dijit/_editor/plugins/FullScreen",
"dojo/domReady!"
], function(parser){
], function(parser, registry){
parser.parse();

var editor = registry.byId("editor7");
editor.set("value", "<h1>ViewSource Plugin with script tags in content set via setValue.</h1>" +
"<iframe srcdoc=\"<div>Hello from iFrame!</div>\"></iframe>" +
"<h2>Things to test:</h2>\n" +
"<ol>" +
"<li>An iframe should not be displayed.</li>" +
"</ol>");
});
</script>
</head>
@@ -105,6 +114,30 @@ <h2>Things to test:</h2>
</div>
<br>
<br>
<div>
<div id="editor6" data-dojo-type="dijit/Editor"
data-dojo-props='"aria-label":"editor3",extraPlugins:["fullScreen", "viewSource"],
style:"background-color: white; width: 800px;", height:"300px" '>
<h1>ViewSource Plugin with script tags in content.</h1>

<iframe srcdoc="<div>Hello from iFrame!</div>"></iframe>

<h2>Things to test:</h2>
<ol>
<li>An iframe should not be displayed.</li>
</ol>
</div>
</div>
<br>
<br>
<div>
<div id="editor7" data-dojo-type="dijit/Editor"
data-dojo-props='"aria-label":"editor3",extraPlugins:["fullScreen", "viewSource"],
style:"background-color: white; width: 800px;", height:"300px" '>
</div>
</div>
<br>
<br>
<div>Content after the editors.</div>
</body>
</html>

0 comments on commit 5c0da9d

Please sign in to comment.
You can’t perform that action at this time.