Hello Jafet,
Can you try by modifying wysiwig editor in hmc.xml for particular attribute in a itemtype.
So, i have enabled certain html tags which won't be removed after i save in wysiwig editor.
<attribute name="htmlPage">
<wysiwygeditor config="theme : 'advanced',
allow_script_urls : true,
convert_urls : false,
plugins : 'table,save,advhr,advimage,advlink,emotions,iespell,insertdatetime,searchreplace,print,contextmenu,hybris,safari',
theme_advanced_buttons1_add : 'fontselect,fontsizeselect',
theme_advanced_buttons2_add : 'separator,insertdate,inserttime,separator,forecolor,backcolor',
theme_advanced_buttons2_add_before: 'cut,copy,paste,separator,search,replace,separator',
theme_advanced_buttons3_add_before : 'tablecontrols,separator',
theme_advanced_buttons3_add : 'emotions,iespell,advhr,separator,medialink,anyitemlink',
theme_advanced_toolbar_location : 'top',
theme_advanced_toolbar_align : 'left',
plugin_insertdate_dateFormat : '%Y-%m-%d',
plugin_insertdate_timeFormat : '%H:%M:%S',
valid_elements: '+a[id|style|rel|rev|charset|hreflang|dir|lang|tabindex|accesskey|type|name|href|target|title|class|onfocus|onblur|onclick|ondblclick|onmousedown|onmouseup|onmouseover|onmousemove|onmouseout|onkeypress|onkeydown|onkeyup],-strong[class|style],-b[class|style],-em[class|style],-i[class|style],-strike[class|style],-u[class|style],#p[id|style|dir|class|align],-ol[class|style],-ul[class|style],-li[class|style],br,img[id|dir|lang|longdesc|usemap|style|class|src|onmouseover|onmouseout|border|alt=|title|hspace|vspace|width|height|align],-sub[style|class],-sup[style|class],-blockquote[dir|style],-table[border=0|cellspacing|cellpadding|width|height|class|align|summary|style|dir|id|lang|bgcolor|background|bordercolor],-tr[id|lang|dir|class|rowspan|width|height|align|valign|style|bgcolor|background|bordercolor],tbody[id|class],thead[id|class],tfoot[id|class],-td[id|lang|dir|class|colspan|rowspan|width|height|align|valign|style|bgcolor|background|bordercolor|scope],-th[id|lang|dir|class|colspan|rowspan|width|height|align|valign|style|scope],caption[id|lang|dir|class|style],-div[id|dir|class|align|style],-span[style|class|align],-pre[class|align|style],address[class|align|style],-h1[id|style|dir|class|align],-h2[id|style|dir|class|align],-h3[id|style|dir|class|align],-h4[id|style|dir|class|align],-h5[id|style|dir|class|align],-h6[id|style|dir|class|align],hr[class|style],-font[face|size|style|id|class|dir|color],dd[id|class|title|style|dir|lang],dl[id|class|title|style|dir|lang],dt[id|class|title|style|dir|lang]',
extended_valid_elements : '+link[rel|type|href],+script[language|type|src],a[name|href|target|title|onclick],img[class|src|border=0|alt|title|hspace|vspace|width|height|align|onmouseover|onmouseout|name],hr[class|width|size|noshade],font[face|size|color|style],span[class|align|style],style[*],embed[width|height|name|flashvars|src|bgcolor|align|play|loop|quality|allowscriptaccess|type|pluginspage],iframe[src|width|height|name|align]',
" />
</attribute>
Internally hybris uses Tiny MCE.
Refer wiki link link text
If you want to enable all html elements then below mentioned config can be used.
valid_elements : '*[*]'
And to prevent web related security setting to REJECT or STRIP content please modify the following XSS settings.
# enable globally
xss.filter.enabled=true
# override per extension:
# hac.xss.filter.enabled=false
# define action on violation matching globally
# STRIP .. strips all text occurrences which match the patterns below but allow
# processing the request (default)
# REJECT.. if any pattern matches the whole request gets rejected with the BAD REQUEST
# error code
xss.filter.action=STRIP
# override per extension
# hac.xss.filter.action=REJECT
# our default rules
xss.filter.rule.script_fragments=(?i)<script>(.*?)</script>
xss.filter.rule.src=(?ims)[\\s\r\n]+src[\\s\r\n]*=[\\s\r\n]*'(.*?)'
xss.filter.rule.lonely_script_tags=(?i)</script>
xss.filter.rule.lonely_script_tags2=(?ims)<script(.*?)>
xss.filter.rule.eval=(?ims)eval\\((.*?)\\)
xss.filter.rule.expression=(?ims)expression\\((.*?)\\)
xss.filter.rule.javascript=(?i)javascript:
xss.filter.rule.vbscript=(?i)vbscript:
xss.filter.rule.onload=(?ims)onload(.*?)=
# again, override per extension
# hac.xss.filter.rule.vbscript=
Thanks & Regards
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.