I am looking for a good solution to make it possible for endusers to insert iframes (Soundcloud) in a template placeholder. I thought about using the djangocms-txt-ckeditor plugin. In it documentation it says to use the configurable sanitizer to accomplish this:
djangocms-text-ckeditor uses html5lib to sanitize HTML to avoid security issues >and to check for correct HTML code. Sanitisation may strip tags usesful for some >use cases such as iframe; you may customize the tags and attributes allowed by >overriding the TEXT_ADDITIONAL_TAGS and TEXT_ADDITIONAL_ATTRIBUTES settings:
TEXT_ADDITIONAL_TAGS = ('iframe',)
TEXT_ADDITIONAL_ATTRIBUTES = ('scrolling', 'allowfullscreen', 'frameborder')
I did edit the settings.py in my project like that and restarted my webserver (nginx). But the sanitizer is still wrapping it to avoid html-insertion.
I would like to avoid writing a SoundCloud plugin only for this purpose.
Any suggestions are welcome.
As suggested by @yakky in the comments I did update the Django environment to use "djangocms_text_ckeditor" in version 2.8.1.
While using this settings in my settings.py, it works great:
TEXT_ADDITIONAL_TAGS = ('iframe',)
TEXT_ADDITIONAL_ATTRIBUTES = ('scrolling', 'allowfullscreen', 'frameborder', 'src', 'height', 'width')
The (soundcloud) iframe shows up and no further problems did occur.
Be aware: Updating your environment can cause failures. Always try first within a development environment.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With