UNPKG

jodit

Version:

Jodit is an awesome and useful wysiwyg editor with filebrowser

xdsoft.net/jodit/

xdan/jodit

190 lines (189 loc) 7.09 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
/*! * Jodit Editor (https://xdsoft.net/jodit/) * Released under MIT see LICENSE.txt in the project root for license information. * Copyright (c) 2013-2026 Valerii Chupurnov. All rights reserved. https://xdsoft.net */ /** * @module plugins/clean-html */ import type { HTMLTagNames, IDictionary, Nullable } from "../../types/index"; declare module 'jodit/config' { interface Config { cleanHTML: { timeout: number; /** * Replace &amp;nbsp; to plain space */ replaceNBSP: boolean; /** * Remove empty P tags, if they are not in the beginning of the text */ fillEmptyParagraph: boolean; /** * Remove empty elements */ removeEmptyElements: boolean; /** * Replace old tags to new eg. <i> to <em>, <b> to <strong> */ replaceOldTags: IDictionary<HTMLTagNames> | false; /** * You can use an iframe with the sandbox attribute to safely paste and test HTML code. * It prevents scripts and handlers from running, but it does slow things down. * * ```javascript * Jodit.make('#editor', { * cleanHTML: { * useIframeSandbox: true * } * }); * ``` */ useIframeSandbox: boolean; /** * @deprecated Use `removeEventAttributes` instead * Remove onError attributes */ removeOnError: boolean; /** * Remove all `on*` event handler attributes (onerror, onclick, onload, onmouseover, etc.) * When enabled, this replaces the legacy `removeOnError` behavior with comprehensive protection. * * ```javascript * Jodit.make('#editor', { * cleanHTML: { * removeEventAttributes: true * } * }); * ``` */ removeEventAttributes: boolean; /** * Safe href="javascript:" links */ safeJavaScriptLink: boolean; /** * Automatically add `rel="noopener noreferrer"` to links with `target="_blank"` * * ```javascript * Jodit.make('#editor', { * cleanHTML: { * safeLinksTarget: true * } * }); * ``` */ safeLinksTarget: boolean; /** * Whitelist of allowed CSS properties inside `style` attributes. * If set, all CSS properties not in the list will be removed. * * ```javascript * Jodit.make('#editor', { * cleanHTML: { * allowedStyles: { * '*': ['color', 'background-color', 'font-size', 'text-align'], * img: ['width', 'height'] * } * } * }); * ``` */ allowedStyles: false | IDictionary<string[]>; /** * Custom sanitizer function. Called after Jodit's built-in sanitization. * Use this to integrate DOMPurify or other external sanitizers. * * ```javascript * import DOMPurify from 'dompurify'; * * Jodit.make('#editor', { * cleanHTML: { * sanitizer: (html) => DOMPurify.sanitize(html) * } * }); * ``` */ sanitizer: false | ((value: string) => string); /** * Automatically add `sandbox=""` attribute to all `<iframe>` elements in editor content. * Prevents embedded content from running scripts or accessing the parent page. * * ```javascript * Jodit.make('#editor', { * cleanHTML: { * sandboxIframesInContent: true * } * }); * ``` */ sandboxIframesInContent: boolean; /** * Convert unsafe embed elements to sandboxed `<iframe>`. * - `['object', 'embed']` — default * - `false` — disabled * - `string[]` — custom list of tag names to convert * * ```javascript * Jodit.make('#editor', { * cleanHTML: { * convertUnsafeEmbeds: Jodit.atom(['object', 'embed', 'applet']) * } * }); * ``` */ convertUnsafeEmbeds: false | string[]; /** * The allowTags option defines which elements will remain in the * edited text when the editor saves. You can use this limit the returned HTML. * * ```javascript * const jodit = new Jodit.make('#editor', { * cleanHTML: { * cleanOnPaste: false * } * }); * ``` * * ```javascript * const editor = Jodit.make('#editor', { * cleanHTML: { * allowTags: 'p,a[href],table,tr,td, img[src=1.png]' // allow only <p>,<a>,<table>,<tr>,<td>,<img> tags and * for <a> allow only `href` attribute and <img> allow only `src` attribute == '1.png' * } * }); * editor.value = 'Sorry! <strong>Goodby</strong>\ * <span>mr.</span> <a style="color:red" href="https://xdsoft.net">Freeman</a>'; * console.log(editor.value); //Sorry! <a href="https://xdsoft.net">Freeman</a> * ``` * * ```javascript * const editor = Jodit.make('#editor', { * cleanHTML: { * allowTags: { * p: true, * a: { * href: true * }, * table: true, * tr: true, * td: true, * img: { * src: '1.png' * } * } * } * }); * ``` */ allowTags: false | string | IDictionary<string>; denyTags: false | string | IDictionary<string>; /** * Node filtering rules that do not need to be applied to content * The full list of rules is generated dynamically from the folder * https://github.com/xdan/jodit/tree/main/src/plugins/clean-html/helpers/visitor/filters */ disableCleanFilter: Nullable<Set<string>>; }; } }