Skip to content

Commit 26e0b4e

Browse files
thorstenthorsten
committed
Merge branch '4.1' into 'main'
2 parents e539022 + 0cabeb9 commit 26e0b4e

2 files changed

Lines changed: 11 additions & 4 deletions

File tree

phpmyfaq/admin/assets/src/content/editor.ts

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -93,7 +93,7 @@ export const renderEditor = () => {
9393
useSplitMode: false,
9494
askBeforePasteFromWord: true,
9595
processPasteFromWord: true,
96-
defaultActionOnPasteFromWord: 'insert_clear_html',
96+
defaultActionOnPasteFromWord: Jodit.constants.INSERT_AS_TEXT,
9797
colors: {
9898
greyscale: [
9999
'#000000',
@@ -244,7 +244,7 @@ export const renderEditor = () => {
244244
events: {},
245245
textIcons: false,
246246
uploader: {
247-
url: '/admin/api/content/images?csrf=' + (document.getElementById('pmf-csrf-token') as HTMLInputElement).value,
247+
url: './api/content/images?csrf=' + (document.getElementById('pmf-csrf-token') as HTMLInputElement).value,
248248
format: 'json',
249249
isSuccess: (response: UploaderResponse) => {
250250
return !response.error && response.success === true;
@@ -264,7 +264,7 @@ export const renderEditor = () => {
264264
},
265265
filebrowser: {
266266
ajax: {
267-
url: '/admin/api/media-browser',
267+
url: './api/media-browser',
268268
contentType: 'application/json; charset=UTF-8',
269269
},
270270
createNewFolder: false,

phpmyfaq/src/phpMyFAQ/Helper/FaqHelper.php

Lines changed: 8 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -135,7 +135,14 @@ public function cleanUpContent(string $content): string
135135
->allowMediaHosts($allowedHosts)
136136
->allowLinkSchemes(['https', 'http', 'mailto', 'data']));
137137

138-
$sanitizedContent = $htmlSanitizer->sanitize($content);
138+
// Suppress HTML parser warnings during sanitization, as Dom\HTMLDocument::createFromString()
139+
// emits tokenizer warnings for slightly malformed user-generated HTML content
140+
$previousErrorReporting = error_reporting(E_ALL & ~E_WARNING);
141+
try {
142+
$sanitizedContent = $htmlSanitizer->sanitize($content);
143+
} finally {
144+
error_reporting($previousErrorReporting);
145+
}
139146

140147
$sanitizedContent = preg_replace(
141148
'/<iframe\b(?:(?!src)[^>])*>\s*<\/iframe>/i',

0 commit comments

Comments
 (0)