Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Trix no longer adds dataset attributes on inserted attachments in 2.1.4 #1178

Open
J-Michalek opened this issue Aug 7, 2024 · 4 comments · May be fixed by #1183
Open

Trix no longer adds dataset attributes on inserted attachments in 2.1.4 #1178

J-Michalek opened this issue Aug 7, 2024 · 4 comments · May be fixed by #1183

Comments

@J-Michalek
Copy link

J-Michalek commented Aug 7, 2024
edited
Loading

Describe the bug or issue here…

Steps to Reproduce
  1. Go to https://trix-editor.org/
  2. Delete all of the content
  3. Paste the following code into the console and run it
(() => {
    const trix = document.querySelector("trix-editor");
    const attachment = new Trix.Attachment({
    "attachment-type": "custom",
    "content": "<div data-item-id='123'>Content</div>",
    "contentType": "custom"
    });

    trix.editor.insertAttachment(attachment)
})()
  1. Inspect the attachment within Trix and see that the div element is missing the data-item-id attribute

This was working fine prior to version 2.1.4.

Details
  • Trix version: 2.1.4
  • Browser name and version: Chrome 127.0.6533.89 (Official Build) (arm64)
  • Operating system: MacOS
@J-Michalek J-Michalek changed the title Trix stopped adding dataset attributes on inserted attachments in 2.1.4 Trix no longer adds dataset attributes on inserted attachments in 2.1.4 Aug 7, 2024
@OtherCroissant
Copy link

OtherCroissant commented Aug 22, 2024
edited
Loading

I have the same issue, Seems like it has to do with the recent changes of always applying the HTMLSanitizer, so we need to add the data-item-id to the allowedAttibutes of the HTMLSanitizer somehow. But it looks like the HTMLSanitizer.setHTML() constructor is used to sanitize things, which does not pass a allowedAttributes list around and therefore only the default list HTMLSanitizer.DEFAULT_ALLOWED_ATTRIBUTES is used. Which is a constant and we cannot override?

In my case, I need a data-element-id on a link attachment. I am trying this, but until now no luck:

const defaultHrefParser = Trix.config.textAttributes.href.parser;

Trix.config.textAttributes.href = {
  ...Trix.config.textAttributes.href,
  parser: (element) => {
    element.allowedAttributes = [...element.allowedAttributes, "data-element-id"];
    defaultHrefParser(element);
  }
};

The parser element looks like it has the correct list of allowedAttributes now? (data-element-id is in there). But it does not let it through...

@Betree
Copy link

Betree commented Sep 2, 2024

Same issue but with the nodes themselves: since Trix 2.1.4, embedding YouTube/Vimeo videos in the editor no longer works because they're using iframes, and as far as I can tell they're no way to customize the sanitizer's behavior.

@Betree Betree linked a pull request Sep 2, 2024 that will close this issue
Open
@Betree
Copy link

Betree commented Sep 2, 2024

I forked the repo and proposed a fix that moves the sanitizer's options to config. With that PR, I'm able to allow video embedding by allowing them explicitly:

remove(this.Trix.config.parser.forbiddenElements, type => type === 'iframe'); // Allow iframes for video embeds
this.Trix.config.parser.allowedAttributes.push('frameborder', 'allowfullscreen');

@Betree Betree mentioned this issue Sep 2, 2024
Closed
@OtherCroissant
Copy link

Is there anyone from Basecamp willing to review this?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix(Sanitizer): read options from config opencollective/trix
3 participants
@Betree @OtherCroissant @J-Michalek