What is @ckeditor/ckeditor5-link?
@ckeditor/ckeditor5-link is a plugin for CKEditor 5 that allows users to create, edit, and manage links within the editor. It provides a user-friendly interface for adding hyperlinks to text, ensuring that the links are properly formatted and functional.
What are @ckeditor/ckeditor5-link's main functionalities?
Adding a Link
This feature allows users to add hyperlinks to selected text within the editor. The toolbar includes a link button that opens a dialog for entering the URL.
ClassicEditor.create(document.querySelector('#editor'), { plugins: [ Link ], toolbar: [ 'link' ] })
Editing a Link
This feature allows users to edit existing links. Users can change the URL or the display text of the link through the editor's interface.
editor.model.change(writer => { const linkElement = writer.createElement('link', { href: 'https://example.com' }); writer.insert(linkElement, editor.model.document.selection.getFirstPosition()); });
Removing a Link
This feature allows users to remove hyperlinks from the text. The link is removed, but the text remains intact.
editor.model.change(writer => { const selection = editor.model.document.selection; const range = selection.getFirstRange(); writer.removeAttribute('linkHref', range); });
Other packages similar to @ckeditor/ckeditor5-link
quill
Quill is a modern WYSIWYG editor built for compatibility and extensibility. It includes link management features similar to @ckeditor/ckeditor5-link, allowing users to add, edit, and remove links within the editor.
tinymce
TinyMCE is a popular rich text editor that provides comprehensive link management capabilities. It offers a user-friendly interface for adding, editing, and removing links, similar to @ckeditor/ckeditor5-link.
froala-editor
Froala Editor is a lightweight WYSIWYG HTML editor that includes link management features. It allows users to easily add, edit, and remove links, providing functionality comparable to @ckeditor/ckeditor5-link.
43.1.1 (September 25, 2024)
We are happy to announce the release of CKEditor 5 v43.1.1.
During a recent internal audit, we identified a Cross-Site Scripting (XSS) vulnerability in the CKEditor 5 clipboard package (CVE-2024-45613
). This vulnerability could be triggered by a specific user action, leading to unauthorized JavaScript code execution, if the attacker managed to insert malicious content into the editor, which might happen with a very specific editor configuration.
This vulnerability affects only installations where the editor configuration meets the following criteria:
- The Block Toolbar plugin is enabled.
- One of the following plugins is also enabled:
You can read more details in the relevant security advisory and contact us if you have more questions.
Taking the occasion, we decided to introduce additional hardening to some parts of our codebase that introduce theoretical and unexploitable issues. Our security team confirmed that none of these issues were exploitable in a real scenario, however, we decided to fix them, in order to increase the overall security posture of our software.
Released packages
Check out the Versioning policy guide for more information.
<details>
<summary>Released packages (summary)</summary>
Other releases:
</details>