General developer forum

JS being pasted into Atto editor

 
Picture of Amanda Doughty
JS being pasted into Atto editor
Core developersPlugin developers

I am getting several issues a day with pages not loading properly and they are all because users are copying web page content into the Atto Editor. Has anybody else had this issue? We have enabletrusttext switched off.

Does anybody else have the same issue? It is wasting so much of my time. My understanding was that Atto cleaned out this rubbish if enabletrusttext is off?


https://docs.moodle.org/dev/Trusttext_cleaning_bypass

 
Average of ratings: -
Picture of Richard Oelmann
Re: JS being pasted into Atto editor
Core developersParticularly helpful MoodlersPlugin developersTesters

Yes, I had exactly the same issue earlier this week and spent hours having to clean up the content.

It appeared that the user had copied content from another Moodle page and it had grabbed not just the content and even the styles etc, but everything including the js in the footer. And this was allowed in the editor - I'll check the trusted content setting, but thought it was turned off previously.

 
Average of ratings: -
Picture of Amanda Doughty
Re: JS being pasted into Atto editor
Core developersPlugin developers

We get a lot of copying Moodle too. But a recent one inserted adware that popped up porn!

 
Average of ratings: -