-
Notifications
You must be signed in to change notification settings - Fork 2
Changelog
neikiri edited this page Jun 15, 2026
·
4 revisions
Version history and release notes for Neiki's Editor.
- Added new built-in theme:
midnight— deep black editor background (#0a0a10), slightly lighter toolbar (#111118), and purple-pink accent color (#c084fc) - Added
theme.midnighttranslation key to all 8 built-in languages (en, cs, zh, es, de, fr, pt, ja)
- Fixed empty editor submitting
<p><br></p>instead of a blank value —getContent()now returns an empty string when the editor contains only the default empty block inserted by the browser
- Hid the left-side block drag grip on touch and coarse-pointer devices, relying on the existing move up/down toolbar buttons for precise block repositioning
- Fixed blockquote toggling when the quote contains a nested
<p>by unwrapping the active<blockquote>instead of formatting the inner paragraph - Added missing i18n keys for the Insert Video toolbar item, dropdown item, modal labels, upload states, and validation messages across all built-in languages
- Fixed a polynomial regular expression risk in the HTML code view formatter by replacing the regex tokenizer with a deterministic linear scan
- Added two new built-in themes: Blue and Dark Blue
- Added Insert → Video with URL / file-upload modal, base64 embedding, and optional
videoUploadHandler - Added video resizing, repositioning, replacement, delete toolbar actions, and drag-and-drop video file insertion
- Added drag-and-drop moving for selected text inside the editor
- Added a shared caret-style drop indicator for dragged text, images, and videos
- Replaced the old Toggle Theme action with a translated Change theme select (Light, Dark, Blue, Dark Blue)
- Improved HTML code view: formatted multi-line HTML with syntax highlighting
- Fixed editor grip SVGs occasionally being inserted into the document — grip handles moved outside editable content
- Prevented native blue selection highlights on selected images/videos and their media toolbars
- Stripped editor UI from dragged fragments
- Fixed a cross-site scripting (XSS) vulnerability in the HTML sanitizer's entity decoding — replaced
innerHTML-based decoding with a safe regex approach that only resolves named and numeric HTML entities without ever parsing HTML
- Added
codetoolbar button with smart behavior: single-line selection → inline<code>, multi-line →<pre><code>block. Works as a toggle (click again to unwrap). Included in default toolbar betweensubscriptandremoveFormat. - Fixed text not being wrapped in
<p>after toggling off Bullet List or Numbered List - Fixed HTML entities being displayed as literal text instead of decoded
- Renamed
custom_classconfig option tocustomClass(camelCase). Old name still works for backward compatibility. - Added
toolbar.codetranslation key to all 8 built-in languages
- Added
custom_classconfig option (nowcustomClass) - Fixed
display: inline-blockon.neiki-content imgfor compatibility with CSS resets
- Security: Reworked autosave storage key normalization to avoid polynomial regex on uncontrolled input
-
Security: Updated HTML sanitization parsing to avoid
DOMParser.parseFromString - Improved image insert dialog: prominent upload area, click-to-select, drag-and-drop support, selected-file feedback
- Added responsive upload-zone styling for mobile
- Removed selector-string URL escaping when applying
target="_blank"to links - Fixed floating selection toolbar positioning when page is scrolled and toolbar is sticky
- Changed license from MIT to GNU AGPLv3
- Fixed autosave storage collisions by scoping
localStoragekeys per page URL + editor identity - Added
autosaveKeyconfig option anddata-neiki-autosave-keyattribute for custom draft scopes - Security: Hardened HTML sanitization for autosave restoration, textarea/source HTML, and public HTML insertion
- Security: Fixed unsafe modal value interpolation for link/image dialogs
-
Security: Guarded translation/config merging against prototype pollution (
__proto__,prototype,constructor) - Removed unused internal variables
- Added Drag to Reposition Images — drag images to any position in the editor, including inline placement
- Added Image-Specific Toolbar — contextual toolbar with Drag handle, Move Block Up/Down, Replace, and Delete actions
- Added Replace Image action — quickly swap a selected image via file picker
- Fixed image toolbar positioning near the top of the editor
- Fixed Blockquote Toggle — clicking again now properly removes the blockquote
- Added Sticky Toolbar — when
maxHeightis null, the toolbar usesposition: sticky - Fixed font size selection being lost after clicking +/− buttons or preset dropdown
- Fixed resized image dimensions not being preserved on form submission
- New translation keys for image toolbar in all 8 languages
- Added Touch/Mobile Image Drag & Drop support
- Improved modal responsiveness for mobile (max-height, scrollable body, stacked rows, iOS zoom prevention)
- Fixed image URL insertion placing images at wrong cursor position
- Fixed selected image deletion after undo
- Added copy and cut support for selected images (including HTML clipboard data)
- Fixed Emoji picker and Insert dropdown positioning on narrow screens
- Added Multiple Image Upload — dialog accepts multiple files, all inserted sequentially
- Added
imageUploadHandlerconfig option — async(file) => Promise<url>for server/CDN uploads - When
imageUploadHandleris configured, drag & drop and clipboard paste also use the handler - Added clipboard image paste support (
Ctrl+V) - Image dialog hint text dynamically reflects base64 vs handler mode
Getting Started
Reference
Extending
Integration
Features & UI
Project