[Catalyst] HTML editor plugin
David Schmidt
davewood at gmx.at
Wed Feb 3 14:56:03 GMT 2010
On Wed, Feb 3, 2010 at 2:32 PM, Denny <2010 at denny.me> wrote:
> On Wed, 2010-02-03 at 07:02 -0600, Paul Falbe wrote:
>> I'm looking to create a little app to edit/create HTML strings to
>> store in a mysql table. These strings are going to be displayed on
>> a web page for annoucements for a youth baseball league. Before I
>> went about creating one I thought I'd ask if there is a plugin/example
>> out there I should use as a starting point. Basically, I need a
>> Catalyst html editor plugin if such a thing exists.
>
> Not Catalyst specific, but I've used ckeditor* in the past - it's a
> drop-in replacement for <textarea> with a load of configuration options.
>
> Bear in mind the obvious security risks of letting people input HTML and
> then injecting it directly into your site - at a bare minimum you want
> to strip out javascript stuff, including onclick etc.
I use TinyMCE and HTMLScrubber to define the allowed html tags.
http://search.cpan.org/~cfranks/HTML-FormFu-0.06001/lib/HTML/FormFu/Filter/HTMLScrubber.pm
- type: Textarea
name: 'description'
filters:
- type: HTMLScrubber
allow: [ 'a', 'p', 'br', 'strong', 'em', 'h1', 'h2', 'h3',
'img', 'ul', 'ol', 'li' ]
More information about the Catalyst
mailing list