PHP Editor changes html content of field
PHP Editor changes html content of field
HassanDomeDenea
Posts: 29Questions: 10Answers: 0
in Editor
Greetings
I'm using quill field type for html input.
When Inserting an image, it is formed like this:
<img src="data:image/png;base64,iVBORw0K...."/>
But in the database I find the value is changed into:
<img src="denied:data:image/png;base64,iVBORw0K..."/>
I tried to use simple PHP Sqlite PDO to handle the insertion with prepared Statement. and it inserted the html as it is without changing anything.
By the way I'm separte method to send the creation ajax request, mimicking the orignial datatable editor parameters, and here is my code:
let data = {};
let primary_key=0;
data[primary_key] = {
key: '-',
name: '---'
...
manual_result: manual_result,
};
let formData = new FormData();
formData.append('action', primary_key ? 'edit' : 'create');
formData.append('data', JSON.stringify(data));
And here is the sent request from chrome console:
action: create
data: {"0":{"key":"-","name":"---","manual_result":"<p><img src=\"data:image/png;base64,iVBORw0KGgoA...}}
This question has an accepted answers - jump to answer
This discussion has been closed.
Answers
Hi,
Its part of the xss protection. Add
->xss(false)to yourFieldfor this in the PHP and it will no longer add that protection.Allan
Perfect! It solved it.