PrimeFaces 7.0 <p:textEditor HTML-sanitizer discards text formatting, such as centering

久未见 提交于 2021-01-28 13:52:56

问题


In PrimeFaces 8, it seems to be possible to enable / disable HMTML -sanitizer when using the <p:textEditor component by just specifying secure='false' for disabling it and secure='true' for enabling it. I tried to disable it in PrimeFaces 7.0 like this:

  <p:textEditor id="quillToolbarId" secure='false' widgetVar="editor2" height="300" value="#{editTemplatesBean.kaufAnbotTemplate}" placeholder="Enter your content">

but the sanitizer still seems to be working.

My problem is that whenever I format a text in the primeFaces p:textEditor to be center-aligned, the HTML sanitizer just removes my formatting, so the text ends up without formatting.

One way to work this around is to use directly Quill and not Sanitize the input.This works, but then I face other problems, such as this one:

https://github.com/quilljs/quill/issues/1379

which also need to be worked-around.

Please help!


回答1:


There is no secure property in TextEditor for PrimeFaces 7. If you look at the code of TextEditorRenderer.decode you will see that the sanitzier is called

if (PrimeApplicationContext.getCurrentInstance(context).getEnvironment().isHtmlSanitizerAvailable()) {
    value = HtmlSanitizer.sanitizeHtml(value,
          editor.isAllowBlocks(), editor.isAllowFormatting(),
          editor.isAllowLinks(), editor.isAllowStyles(), editor.isAllowImages());
}

And if you look into PrimeEnvironment you'll see that the property will be set if the class org.owasp.html.PolicyFactory is available on classpath:

htmlSanitizerAvailable = LangUtils.tryToLoadClassForName("org.owasp.html.PolicyFactory") != null

So you either:

  • update to PF 8
  • make sure that you don't have this class on the classpath
  • override the renderer and change/remove the code for the check


来源:https://stackoverflow.com/questions/62171340/primefaces-7-0-ptexteditor-html-sanitizer-discards-text-formatting-such-as-ce

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!