Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-67336

Forum inline reply option is applying filters before saving content in the DB

    XMLWordPrintable

Details

    • MOODLE_38_STABLE
    • MOODLE_37_STABLE, MOODLE_38_STABLE
    • MDL-67336-master
    • Hide
      1. As admin go to "Site administration > Plugins > Manage filters"
      2. Set "Convert URLs into links and images" to "On"
        Set "Multimedia plugins" to "On"
      3. Move "Convert URLs into links and images" above "Multimedia plugins"
      4. Change "Convert URLs into links and images" filter settings adding marking "HTML format" and "Moodle auto-format" in "Apply to formats" options.
      5. Go to a forum post
      6. Click on "Reply"
      7. Add 'Youtube video: https://www.youtube.com/watch?v=3ORsUGVNxGs' content to the reply field
      8. Check youtube video is showing in the new post
      9. Check content stored in the DB is: '<div class="text_to_html">Youtube video: https://www.youtube.com/watch?v=3ORsUGVNxGs</div>'
      Show
      As admin go to "Site administration > Plugins > Manage filters" Set "Convert URLs into links and images" to "On" Set "Multimedia plugins" to "On" Move "Convert URLs into links and images" above "Multimedia plugins" Change "Convert URLs into links and images" filter settings adding marking "HTML format" and "Moodle auto-format" in "Apply to formats" options. Go to a forum post Click on "Reply" Add 'Youtube video: https://www.youtube.com/watch?v=3ORsUGVNxGs ' content to the reply field Check youtube video is showing in the new post Check content stored in the DB is: '<div class="text_to_html">Youtube video: https://www.youtube.com/watch?v=3ORsUGVNxGs </div>'

    Description

      Forum inline reply is not saving content in the DB as it is in the editor, is applying filters before saving it in the DB.

      So, for example, if 'Display H5P' filter is enabled in the site and somebody adds H5P content (URL) in an inline reply, the filter is applied and an <iframe src='...'></iframe> is saved in the DB. When the reply is display, an if trustedcontent is not activated, that 'iframe' tag is removed, so H5P content is not rendered.

      Steps to reproduce:

      <div class="text_to_html">H5P: <iframe src="https://h5p.org/h5p/embed/576651" class="h5p-iframe" name="h5pcontent" style="height:230px; width: 100%; border: 0;" allowfullscreen="allowfullscreen"></iframe><script src="http://localhost/moodle/master/lib/h5p/js/h5p-resizer.js"></script></div>

      Attachments

        Issue Links

          Activity

            People

              mikelmartíncorrales Mikel Martín Corrales
              amaia Amaia Anabitarte
              Amaia Anabitarte Amaia Anabitarte
              Jake Dallimore Jake Dallimore
              Anna Carissa Sadia Anna Carissa Sadia
              Andrew Lyons, Huong Nguyen, Jun Pataleta, Michael Hawkins, Shamim Rezaie, Simey Lameze
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:
                13/Jan/20

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 1 day, 1 hour, 21 minutes
                  1d 1h 21m