@ckeditor/ckeditor5-html-support
Advanced tools
@ckeditor/ckeditor5-html-support is a plugin for CKEditor 5 that allows you to work with raw HTML content. It provides the ability to handle custom HTML elements and attributes, making it easier to integrate CKEditor 5 into applications that require advanced HTML support.
Enabling HTML Support
This code demonstrates how to enable the HTML support plugin in CKEditor 5. By adding `HtmlSupport` to the `extraPlugins` array, you can start working with raw HTML content within the editor.
ClassicEditor.create(document.querySelector('#editor'), { extraPlugins: [HtmlSupport] })Allowing Custom Elements
This code shows how to configure the editor to allow custom HTML elements, attributes, classes, and styles. In this example, the `div` element is allowed with all its attributes, classes, and styles.
ClassicEditor.create(document.querySelector('#editor'), { htmlSupport: { allow: [{ name: 'div', attributes: true, classes: true, styles: true }] } })Disallowing Specific Elements
This code demonstrates how to disallow specific HTML elements. In this example, the `script` element is disallowed, preventing users from adding script tags to the content.
ClassicEditor.create(document.querySelector('#editor'), { htmlSupport: { disallow: [{ name: 'script' }] } })Draft.js is a JavaScript rich text editor framework, built for React. It allows for extensive customization and supports raw HTML content through its ContentState and RawDraftContentState structures. Compared to @ckeditor/ckeditor5-html-support, Draft.js offers more flexibility for React applications but requires more setup and configuration.
Quill is a modern WYSIWYG editor built for compatibility and extensibility. It supports custom HTML elements and attributes through its Delta format and Parchment library. Quill is easier to set up compared to @ckeditor/ckeditor5-html-support but may not offer the same level of integration with CKEditor 5's advanced features.
TinyMCE is a popular rich text editor that provides extensive HTML support, including custom elements and attributes. It offers a wide range of plugins and configuration options. TinyMCE is comparable to @ckeditor/ckeditor5-html-support in terms of functionality but may have a steeper learning curve for new users.
This package implements the General HTML Support feature for CKEditor 5. It allows enabling unsupported HTML features in the rich-text editor at low cost.
Check out the demo in the General HTML Support feature guide.
See the @ckeditor/ckeditor5-html-support package page as well as the General HTML Support feature guide in CKEditor 5 documentation.
npm install ckeditor5
Licensed under the terms of GNU General Public License Version 2 or later. For full details about the license, please check the LICENSE.md file or https://ckeditor.com/legal/ckeditor-oss-license.
43.1.1 (September 25, 2024)
We are happy to announce the release of CKEditor 5 v43.1.1.
During a recent internal audit, we identified a Cross-Site Scripting (XSS) vulnerability in the CKEditor 5 clipboard package (CVE-2024-45613). This vulnerability could be triggered by a specific user action, leading to unauthorized JavaScript code execution, if the attacker managed to insert malicious content into the editor, which might happen with a very specific editor configuration.
This vulnerability affects only installations where the editor configuration meets the following criteria:
You can read more details in the relevant security advisory and contact us if you have more questions.
Taking the occasion, we decided to introduce additional hardening to some parts of our codebase that introduce theoretical and unexploitable issues. Our security team confirmed that none of these issues were exploitable in a real scenario, however, we decided to fix them, in order to increase the overall security posture of our software.
Check out the Versioning policy guide for more information.
<details> <summary>Released packages (summary)</summary>Other releases:
FAQs
HTML Support feature for CKEditor 5.
The npm package @ckeditor/ckeditor5-html-support receives a total of 156,974 weekly downloads. As such, @ckeditor/ckeditor5-html-support popularity was classified as popular.
We found that @ckeditor/ckeditor5-html-support demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.
Security News
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.