htmljquerysummernote
Summernote executes escaped html
I fetch data from a MySQL database, the data stored is this:
<p><script>alert('123');</script><br /></p>
When I fetch the data normally I get this as result:
<script>alert('123');</script>
This is fine and works as expected, however when I fetch the data into a textarea which is initialized with Summernote I get an alert like this:
Somehow Summernote converts the escaped html tags to functioning HTML.
How do I fix this?
I have already tried the answer of this question:
It did not work.
Solution
I managed to fix it by instead of fetching the data in the textarea fetching it in via jQuery like this:
<textarea name="description" id="description"></textarea>
<script>
$('#description').summernote({
height: 250,
codeviewFilter: false,
codeviewIframeFilter: true,
// toolbar
toolbar: [
['font', ['bold', 'italic', 'underline', 'clear']],
['color', ['color']],
['para', ['ul', 'ol', 'paragraph']],
['view', ['fullscreen', 'codeview', 'help']]
],
}).on("summernote.enter", function(we, e) {
$(this).summernote('pasteHTML', '<br /> ');
e.preventDefault();
});
$("#description").summernote("code", "<?php echo $video->getDetails('', $fileName, 'desc'); ?>");
</script>
Now it doesn't convert > and $lt; to <> if it is the script tag.
See more information here:
https://github.com/summernote/summernote/pull/3782#issuecomment-774432392
- HTML saving to PDF loses anchor tags
- Listen on multiple input tags and concatenate inputs to a single output field without need to click a button
- In Emacs, how to add line number for src block by CSS?
- React.js passing one components variables to another component and vice-versa
- React Audio Player Change current time of Audio
- Changing the color of a <select> depending on its value - CSS only(?)
- How to submit an HTML form without redirection
- HTML/JS app within an Android App
- How to get only directly contained text in DOM element in Javascript?
- Remove leading zeros from input type=number
- Progress bar along the borders of a rectangle
- Is there a way to change the CSS resize corner's position?
- Disable zoom on input focus in Android webpage
- Converting old Html SIZE=+x to css
- How to style focus outline for accessibility purposes
- How to set textarea height using min-height?
- Resize textarea on input
- Semantically correct html for react accordion component
- How can I tell password managers what pattern to use?
- Ticks for type="range" HTML input
- Why Marquee in HTML and CSS context is named that way?
- Undefined error after switching through images in Javascript
- HTML Input Font Family Styling for Safari
- Overflow text align left
- Should the <main> tag be inside <section> tag
- Audio is not playing in html
- How can I avoid recursion in this JavaScript function that uses Promises?
- If it is possible to animate image pixelation without canvas, using only CSS
- How to Link another page, at a certain point HTML
- How do I import svg from file to a component in angular 5?