@ckeditor/ckeditor5-core
Advanced tools
Comparing version 43.1.0-alpha.6 to 43.1.0-alpha.7
@@ -817,4 +817,4 @@ /** | ||
* | ||
* Read more about the security aspect of this feature in the {@glink features/html/html-embed#security "Security"} section of | ||
* the {@glink features/html/html-embed HTML embed} feature guide. | ||
* Read more about the security aspect of this feature in the {@glink getting-started/setup/html-security "HTML security"} | ||
* guide. | ||
* | ||
@@ -849,3 +849,3 @@ * The function receives the input HTML (as a string), and should return an object | ||
*/ | ||
sanitizeHtml?: (html: string) => SanitizedOutput; | ||
sanitizeHtml?: HtmlSanitizationCallback; | ||
/** | ||
@@ -1045,1 +1045,2 @@ * Label text for the `aria-label` attribute set on editor editing area. Used by assistive technologies | ||
} | ||
export type HtmlSanitizationCallback = (html: string) => SanitizedOutput; |
{ | ||
"name": "@ckeditor/ckeditor5-core", | ||
"version": "43.1.0-alpha.6", | ||
"version": "43.1.0-alpha.7", | ||
"description": "The core architecture of CKEditor 5 – the best browser-based rich text editor.", | ||
@@ -27,5 +27,5 @@ "keywords": [ | ||
"dependencies": { | ||
"@ckeditor/ckeditor5-engine": "43.1.0-alpha.6", | ||
"@ckeditor/ckeditor5-utils": "43.1.0-alpha.6", | ||
"@ckeditor/ckeditor5-watchdog": "43.1.0-alpha.6", | ||
"@ckeditor/ckeditor5-engine": "43.1.0-alpha.7", | ||
"@ckeditor/ckeditor5-utils": "43.1.0-alpha.7", | ||
"@ckeditor/ckeditor5-watchdog": "43.1.0-alpha.7", | ||
"lodash-es": "4.17.21" | ||
@@ -32,0 +32,0 @@ }, |
@@ -8,3 +8,3 @@ /** | ||
*/ | ||
import { Config, CKEditorError, ObservableMixin } from '@ckeditor/ckeditor5-utils'; | ||
import { Config, CKEditorError, ObservableMixin, logWarning } from '@ckeditor/ckeditor5-utils'; | ||
import { Conversion, DataController, EditingController, Model, StylesProcessor } from '@ckeditor/ckeditor5-engine'; | ||
@@ -60,2 +60,18 @@ import { ContextWatchdog, EditorWatchdog } from '@ckeditor/ckeditor5-watchdog'; | ||
this.config.define(this._context._getEditorConfig()); | ||
this.config.define('sanitizeHtml', function (rawHtml) { | ||
/** | ||
* One of the editor features directly inserts unsanitized HTML code into the editor. | ||
* It is strongly recommended to define a sanitize function that will clean up the input HTML | ||
* in order to avoid XSS vulnerability. | ||
* | ||
* For a detailed overview, check the {@glink getting-started/setup/html-security "HTML security"} guide. | ||
* | ||
* @error provide-sanitize-function | ||
*/ | ||
logWarning('provide-sanitize-function'); | ||
return { | ||
html: rawHtml, | ||
hasChanged: false | ||
}; | ||
}); | ||
this.plugins = new PluginCollection(this, availablePlugins, this._context.plugins); | ||
@@ -62,0 +78,0 @@ this.locale = this._context.locale; |
@@ -813,4 +813,4 @@ /** | ||
* | ||
* Read more about the security aspect of this feature in the {@glink features/html/html-embed#security "Security"} section of | ||
* the {@glink features/html/html-embed HTML embed} feature guide. | ||
* Read more about the security aspect of this feature in the {@glink getting-started/setup/html-security "HTML security"} | ||
* guide. | ||
* | ||
@@ -845,3 +845,3 @@ * The function receives the input HTML (as a string), and should return an object | ||
*/ | ||
sanitizeHtml?: (html: string) => SanitizedOutput; | ||
sanitizeHtml?: HtmlSanitizationCallback; | ||
/** | ||
@@ -1041,1 +1041,2 @@ * Label text for the `aria-label` attribute set on editor editing area. Used by assistive technologies | ||
} | ||
export type HtmlSanitizationCallback = (html: string) => SanitizedOutput; |
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is not supported yet
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
1945244
13843
+ Added@ckeditor/ckeditor5-engine@43.1.0-alpha.7(transitive)
+ Added@ckeditor/ckeditor5-utils@43.1.0-alpha.7(transitive)
+ Added@ckeditor/ckeditor5-watchdog@43.1.0-alpha.7(transitive)
- Removed@ckeditor/ckeditor5-engine@43.1.0-alpha.6(transitive)
- Removed@ckeditor/ckeditor5-utils@43.1.0-alpha.6(transitive)
- Removed@ckeditor/ckeditor5-watchdog@43.1.0-alpha.6(transitive)