Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to use iframes in django-cms

I am looking for a good solution to make it possible for endusers to insert iframes (Soundcloud) in a template placeholder. I thought about using the djangocms-txt-ckeditor plugin. In it documentation it says to use the configurable sanitizer to accomplish this:

djangocms-text-ckeditor uses html5lib to sanitize HTML to avoid security issues >and to check for correct HTML code. Sanitisation may strip tags usesful for some >use cases such as iframe; you may customize the tags and attributes allowed by >overriding the TEXT_ADDITIONAL_TAGS and TEXT_ADDITIONAL_ATTRIBUTES settings:

TEXT_ADDITIONAL_TAGS = ('iframe',)
TEXT_ADDITIONAL_ATTRIBUTES = ('scrolling', 'allowfullscreen', 'frameborder')

I did edit the settings.py in my project like that and restarted my webserver (nginx). But the sanitizer is still wrapping it to avoid html-insertion.

I would like to avoid writing a SoundCloud plugin only for this purpose.

Any suggestions are welcome.

like image 763
svenwildermann-msft Avatar asked Mar 14 '23 13:03

svenwildermann-msft


1 Answers

As suggested by @yakky in the comments I did update the Django environment to use "djangocms_text_ckeditor" in version 2.8.1.

While using this settings in my settings.py, it works great:

TEXT_ADDITIONAL_TAGS = ('iframe',)
TEXT_ADDITIONAL_ATTRIBUTES = ('scrolling', 'allowfullscreen', 'frameborder', 'src', 'height', 'width')

The (soundcloud) iframe shows up and no further problems did occur.

Be aware: Updating your environment can cause failures. Always try first within a development environment.

like image 79
svenwildermann-msft Avatar answered Mar 24 '23 05:03

svenwildermann-msft