#3407: scripts aren't protected while loading content
-------------------------------+--------------------------------------------
Reporter: alfonsoml | Owner: arczi
Type: Bug | Status: assigned
Priority: Normal | Milestone: CKEditor 3.0
Component: General | Version: SVN (CKEditor)
Keywords: Confirmed Review- |
-------------------------------+--------------------------------------------
Changes (by fredck):
* keywords: Confirmed Review? => Confirmed Review-
Comment:
The problem here, and the thing to keep in mind, is that the protect
source feature must leave the original source "perfectly intact". So, we
should not use the parser for it... for input processing at least.
This feature is supposed to be much simple. It should be implemented
almost entirely in the htmlprocessor plugin:
* On input, the original data is processed, simply running the protection
replacement regexes, inserting comments in place of protected text (just
like V2).
* On output, a filter for comments would replace them with the relative
original string (CDATA).
It should look like V2 in many ways, which is actually a quite simple
feature. We don't need a dedicated plugin or too much code for that.
Also, just like stated Garry, some protection is to be done by default,
like comments and scripts (just like V2). Others, come from configuration.
The "element" protection idea is interesting, but it would have much few
usage. We need it for <script> actually, but we're already doing that
internally in the code, so we can come with the proper regex for that.
Also, I don't see the point of having a name for each config entry. So,
the config should look like this:
{{{
CKEDITOR.config.protectedSource =
[
/<%[\s\S]*?%>/g, // ASP Code
/(<asp:[^\>]+>[\s|\S]*?<\/asp:[^\>]+>)|(<asp:[^\>]+\/>)/gi, //
ASP.Net Tags
/<\?[\s\S]*?\?>/g // PHP Code
];
}}}
To summarize, we should keep it simple here, not missing the experience we
have made with V2.
--
Ticket URL: <http://dev.fckeditor.net/ticket/3407#comment:11>
FCKeditor <http://www.fckeditor.net/>
The text editor for Internet
------------------------------------------------------------------------------
Register Now for Creativity and Technology (CaT), June 3rd, NYC. CaT
is a gathering of tech-side developers & brand creativity professionals. Meet
the minds behind Google Creative Lab, Visual Complexity, Processing, &
iPhoneDevCamp asthey present alongside digital heavyweights like Barbarian
Group, R/GA, & Big Spaceship. http://www.creativitycat.com
_______________________________________________
FCKeditor-Trac mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fckeditor-trac
