What is @ckeditor/ckeditor5-clipboard?
@ckeditor/ckeditor5-clipboard is a plugin for CKEditor 5 that provides clipboard support, enabling users to cut, copy, and paste content within the editor. It handles various clipboard operations, including pasting plain text, HTML, and rich text content, and integrates seamlessly with other CKEditor 5 plugins.
What are @ckeditor/ckeditor5-clipboard's main functionalities?
Basic Clipboard Operations
This code initializes a CKEditor 5 instance with the clipboard plugin enabled, allowing basic cut, copy, and paste operations.
ClassicEditor.create(document.querySelector('#editor'), { plugins: [ Clipboard ] })
Pasting Plain Text
This configuration ensures that only plain text is pasted into the editor, stripping out any HTML or rich text formatting.
ClassicEditor.create(document.querySelector('#editor'), { plugins: [ Clipboard ], clipboard: { plainText: true } })
Handling Custom Paste Events
This example demonstrates how to handle custom paste events by listening to the 'inputTransformation' event, allowing developers to manipulate the pasted content before it is inserted into the editor.
ClassicEditor.create(document.querySelector('#editor'), { plugins: [ Clipboard ] }).then(editor => { editor.plugins.get('Clipboard').on('inputTransformation', (evt, data) => { console.log('Custom paste event:', data); }); });
Other packages similar to @ckeditor/ckeditor5-clipboard
quill
Quill is a modern WYSIWYG editor built for compatibility and extensibility. It provides clipboard support similar to @ckeditor/ckeditor5-clipboard, allowing users to cut, copy, and paste content. Quill's clipboard module can be customized to handle different types of content and transformations.
tinymce
TinyMCE is a popular rich text editor that includes comprehensive clipboard support. It allows users to paste content from various sources, including Word and Excel, and provides options to clean up and transform pasted content. TinyMCE's clipboard functionality is comparable to @ckeditor/ckeditor5-clipboard in terms of flexibility and customization.
draft-js
Draft.js is a JavaScript framework for building rich text editors, developed by Facebook. It includes clipboard support for handling cut, copy, and paste operations. Draft.js allows developers to customize the clipboard behavior and integrate it with other editor features, similar to @ckeditor/ckeditor5-clipboard.
43.1.1 (September 25, 2024)
We are happy to announce the release of CKEditor 5 v43.1.1.
During a recent internal audit, we identified a Cross-Site Scripting (XSS) vulnerability in the CKEditor 5 clipboard package (CVE-2024-45613
). This vulnerability could be triggered by a specific user action, leading to unauthorized JavaScript code execution, if the attacker managed to insert malicious content into the editor, which might happen with a very specific editor configuration.
This vulnerability affects only installations where the editor configuration meets the following criteria:
- The Block Toolbar plugin is enabled.
- One of the following plugins is also enabled:
You can read more details in the relevant security advisory and contact us if you have more questions.
Taking the occasion, we decided to introduce additional hardening to some parts of our codebase that introduce theoretical and unexploitable issues. Our security team confirmed that none of these issues were exploitable in a real scenario, however, we decided to fix them, in order to increase the overall security posture of our software.
Released packages
Check out the Versioning policy guide for more information.
<details>
<summary>Released packages (summary)</summary>
Other releases:
</details>