Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Jerode 44 posts 159 karma points
    Dec 22, 2014 @ 20:13
    Jerode
    0

    TinyMCE Video Configuration

    What do I need to do to enforce all iFrames are run in the sandbox mode?

    An example being that I insert a YouTube video link inside of the TimeMCE editor (Embed). After clicking okay the embed iframe is generated in the source. 

    This is the generated source: 

    <p><iframe width="360" height="203" src="https://www.youtube.com/embed/tF03jgCgV7s?feature=oembed" frameborder="0" allowfullscreen=""></iframe></p>

    I want to modify this output. It seems like https://www.youtube.com/oembed is being called when I put the link in TinyMCE Embed dialog and the resulting xml gives what is saved. 

    This is what I would like to be the generated source:

    <p><iframe width="360" height="203" src="https://www.youtube.com/embed/tF03jgCgV7s?feature=oembed" frameborder="0" allowfullscreen="" sandbox="allow-same-origin allow-scripts"></iframe></p>

    Do I need to write my own AbstractProvider that will do this or can someone point me to where this can be done?

  • Jan Skovgaard 11280 posts 23678 karma points MVP 11x admin c-trib
    Dec 22, 2014 @ 20:21
    Jan Skovgaard
    1

    Hi Jerode

    If you go to the /config/TinyMceEditorConfig.config you should be able to add the "sandbox" attribute to the allowed attributes for the <iframe> element.

    When you have done that make sure to recycle the app pool in order for the changes to take effect.

    Hope this helps!

    /Jan

  • Jerode 44 posts 159 karma points
    Dec 22, 2014 @ 20:29
    Jerode
    0

    Thanks Jan, I was aware of that part. What I want to do is have it written by default in my application. Some users do not have access to the HTML of TinyMCE and therefore would not be able to add the attribute. Am I correct here?

  • Jan Skovgaard 11280 posts 23678 karma points MVP 11x admin c-trib
    Dec 22, 2014 @ 20:35
    Jan Skovgaard
    0

    Hi Jerode

    Yes that's correct if some users are not able to edit the HTML then they won't be able to add the attribute.

    What version of Umbraco are you using btw?

    /Jan

  • Jerode 44 posts 159 karma points
    Dec 22, 2014 @ 20:37
    Jerode
    0

    Currently using 7.2 and plan on updating to the 7.2.1 patch later today.

  • Jan Skovgaard 11280 posts 23678 karma points MVP 11x admin c-trib
    Dec 22, 2014 @ 20:44
    Jan Skovgaard
    100

    Hi Jerode

    Ok - Well perhaps you should consider making your own macro for inserting the youtube videos instead of using the default embed option.

    By making your own macro for embedding youtube videos you could have the following parameters

    url (textstring) with (textstring) height (textstring) constrain (true/false) sandbox (true/false)

    Then based on the params you can output the desired markup for the iframe.

    Hope this makes sense.

    /Jan

  • Jerode 44 posts 159 karma points
    Dec 22, 2014 @ 20:54
    Jerode
    0

    I thought an approach like this would likely be it. I'll take it.

    Can you provide clarrification on "instead of using the default embed option"? Once done, should I just overwrite the YouTube providers type in EmbededMedia.config and point it to my new type or something else?

     

  • Jan Skovgaard 11280 posts 23678 karma points MVP 11x admin c-trib
    Dec 22, 2014 @ 21:10
    Jan Skovgaard
    1

    Hi Jerode

    In Umbraco 7 there is an "embed" option in the rich text editor - I assumed that was the one you're currently using? However I'd still suggest you go with your own macro.

    No, if you make a partial macro using Razor then you don't need to make any changes to the EmbededMedia.config file since you will keep your logic in the partial razor macro.

    Hope this makes sense.

    /Jan

  • Jerode 44 posts 159 karma points
    Dec 22, 2014 @ 21:16
    Jerode
    0

    Thanks for the prompt replies.

Please Sign in or register to post replies

Write your reply to:

Draft