ckeditor4-dev - npm Package Versions

CKEditor 4.15.1

Security Updates:

• Fixed XSS vulnerability in the Color History feature reported by Mark Wade.

  Issue summary: It was possible to execute an XSS-type attack inside CKEditor 4 by persuading a victim to paste a specially crafted HTML code into the Color Button dialog.

An upgrade is highly recommended!

Fixed Issues:

• #4293: Fixed: The CKEDITOR.inlineAll() method tries to initialize inline editor also on elements with an editor already attached to them.
• #3961: Fixed: The Table Resize plugin prevents editing of merged cells.
• #3649: Fixed: Applying a block format should remove existing block styles.
• #4282: Fixed: The script loader does not execute callback for scripts already loaded when called for the second time. Thanks to Alexander Korotkevich!
• #4273: Fixed: A memory leak in the CKEDITOR.domReady() method connected with not removing load event listeners. Thanks to rohit1!
• #1330: Fixed: Incomplete CSS margin parsing if an auto or 0 value is used.
• #4286: Fixed: The Auto Grow plugin causes the editor width to be set to 0 on editor resize.
• #848: Fixed: Arabic text not being "bound" correctly when pasting. Thanks to Thomas Hunkapiller and J. Ivan Duarte Rodríguez!

API Changes:

• #3649: Added a new stylesRemove editor event.

Other Changes:

• #4262: Removed the global reference to the stylesLoaded variable. Thanks to Levi Carter!
• Updated the Export to PDF plugin to 1.0.1 version:
  • Improved external CSS support for classic editor by handling exceptions and displaying convenient error messages.

CKEditor 4.14.1

Fixed Issues:

• #2607: Fixed: The Emoji plugin SVG icons file is not loaded in CORS context.
• #3866: Fixed: The config.readOnly configuration option not considered for startup read-only mode of inline editor.
• #3931: [IE] Fixed: An error is thrown when pasting using the Paste button after accepting the browser Clipboard Access Prompt dialog.
• #3938: Fixed: Cannot navigate the Autocomplete panel with the keyboard after switching to source mode.
• #2823: [IE] Fixed: Cannot resize the last table column using the Table Resize plugin.
• #909: Fixed: The Table Resize plugin does not work when the editor is placed in an absolutely positioned container. Thanks to Roland Petto!
• #1959: Fixed: The Table Resize plugin does not work in a maximized editor when the Div Editing Area feature is enabled. Thanks to Roland Petto!
• #3156: Fixed: Autolink config.autolink_urlRegex and config.autolink_emailRegex options are not customizable. Thanks to Sergiy Dobrovolsky!
• #624: Fixed: Notification does not work with the bottom toolbar location.
• #3000: Fixed: Auto Embed does not work with the bottom toolbar location.
• #1883: Fixed: The editor.resize() method does not work with CSS units.
• #3926: Fixed: Dragging and dropping a widget sometimes produces an error.
• #4008: Fixed: Remove Format does not work with a collapsed selection.
• #3998: Fixed: An error is thrown when switching to the source mode using a custom <kbd>Ctrl</kbd> + <kbd>Enter</kbd> keystroke with the Widget plugin present.

Other Changes:

• Updated WebSpellChecker (WSC) and SpellCheckAsYouType (SCAYT) plugins:
  • Fixed: Active Autocomplete panel causes active suggestions to be unnecessarily checked by the SCAYT spell checking mechanism.

CKEditor 4.13.1

Fixed Issues:

• #875: Fixed: Pasting inside the editor that contains a table with the Table Selection plugin after selecting all content replaces only the table element instead of the entire content.
• #3415: [Firefox] Fixed: Pasting individual list elements fails. Thanks to Jack Wickham!
• #3413: Fixed: Menu items with labels containing double quotes are rendered incorrectly.
• #3475: [Firefox] Fixed: Pasting plain text over existing content fails and throws an error.
• #2027: Fixed: Incorrect email display text after reopening the Link dialog for display names starting with @.
• #3544: Fixed: The Special Characters dialog read incorrectly by screen readers due to empty table cells at the end.
• #1653: Fixed: Balloon Toolbar is not repositioned when the editor is scrolled with the Div Editing Area feature enabled.
• #3559: Fixed: Color Dialog is incorrectly positioned when used with another dialog.
• #3593: Fixed: Cannot access a text or comment node when replacing an element node with them via CKEDITOR.htmlParser.filter.
• #3524: Fixed: The Easy Image plugin throws an error when any image with an unsupported data type is pasted into the editor.
• #3552: Fixed: Incorrect value of CKEDITOR.plugins.widget.repository#selected after selecting the whole editor content.
• #3586: Fixed: Content pasted from Microsoft Excel is not correctly recognised by the Paste from Word plugin.
• #3585: [Firefox] Fixed: Microsoft Excel content is pasted as an image.
• #3625: [Firefox] Fixed: Microsoft PowerPoint content is pasted as an image.
• #3474: Fixed: Incorrect focus order after any tab in a dialog was clicked.
• #3689: Fixed: Cannot change dialog tabs with keyboard arrow keys after focusing any tab with a mouse click.

API Changes:

• #3634: Added the CKEDITOR.plugins.clipboard.dataTransfer#getTypes() method.