Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-79256

Do not autoclean content for textarea custom field

    XMLWordPrintable

Details

    • MOODLE_402_STABLE
    • MOODLE_404_STABLE
    • Hide
      1. Log in as admin
      2. Navigate to Security > Site security settings in site administration
      3. Turn on Enable trusted content and save
      4. Create a new user (manager)
      5. Navigate to Users > Permissions > Assign system roles in site administration
      6. Add new user to the Manager role
      7. Navigate to Users > Permissions > Define roles in site administration
      8. Edit the Manager role
      9. Remove the moodle/site:trustcontent capability and save
      10. Navigate to Users > Accounts > Cohort custom fields in site administration
      11. Add a new category (if none exists)
      12. Add a new Text area custom field
        • Name: Test
        • Shortname: test
      13. Navigate to Users > Accounts > Cohorts in site administration
      14. Add a new cohort:
        • Name: First
        • Test (insert via source code view):

          <p>
          Text with iframe tag
          <iframe src="https://moodle.org/"></iframe>
          </p>
          

      15. Log out
      16. Log in as test user (manager)
      17. Navigate to Users > Accounts > Cohorts in site administration
      18. Add a new cohort:
        • Name: Second
        • Test (insert via source code view):

          <p>
          Text with iframe tag
          <iframe src="https://moodle.org/"></iframe>
          </p>
          

      19. Log out
      20. Log in as admin
      21. Navigate to Reports from user menu
      22. Create a new report from Cohorts report source
        • Include default setup: Yes
      23. In report editor add hte Cohort > Test column
      24. Confirm that cohort First shows the original Test content (including iframe)
      25. Confirm that cohort Second shows the cleaned Test content (excluding iframe)
      26. Navigate to Security > Site security settings in site administration
      27. Turn off Enable trusted content and save
      28. Re-visit your cohorts custom report
      29. Confirm that both cohorts now show the cleaned Test content
      Show
      Log in as admin Navigate to Security > Site security settings in site administration Turn on Enable trusted content and save Create a new user ( manager ) Navigate to Users > Permissions > Assign system roles in site administration Add new user to the Manager role Navigate to Users > Permissions > Define roles in site administration Edit the Manager role Remove the moodle/site:trustcontent capability and save Navigate to Users > Accounts > Cohort custom fields in site administration Add a new category (if none exists) Add a new Text area custom field Name: Test Shortname: test Navigate to Users > Accounts > Cohorts in site administration Add a new cohort: Name: First Test ( insert via source code view ): <p> Text with iframe tag <iframe src="https://moodle.org/"></iframe> </p> Log out Log in as test user ( manager ) Navigate to Users > Accounts > Cohorts in site administration Add a new cohort: Name: Second Test ( insert via source code view ): <p> Text with iframe tag <iframe src="https://moodle.org/"></iframe> </p> Log out Log in as admin Navigate to Reports from user menu Create a new report from Cohorts report source Include default setup: Yes In report editor add hte Cohort > Test column Confirm that cohort First shows the original Test content (including iframe) Confirm that cohort Second shows the cleaned Test content (excluding iframe) Navigate to Security > Site security settings in site administration Turn off Enable trusted content and save Re-visit your cohorts custom report Confirm that both cohorts now show the cleaned Test content

    Description

      Currently, we can't use some tags in the text area for custom field, like iframe.

      The text area custom field is part of core custom field API.

      It's just an additional functionality for the field, and the custom field should be managed by admins/teachers, so it's good to add 'noclean' option for the textarea.

      Attachments

        Issue Links

          Activity

            People

              pholden Paul Holden
              tomotsuyuki Tomo Tsuyuki
              Tomo Tsuyuki Tomo Tsuyuki
              Ilya Tregubov Ilya Tregubov
              Kim Jared Lucas Kim Jared Lucas
              Votes:
              0 Vote for this issue
              Watchers:
              15 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - 0 minutes
                  0m
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 4 hours, 36 minutes
                  4h 36m

                  Clockify

                    Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.