How to add javascript in the html without sanitization?
I tried adding the script to the iframe in which the canvas renders by adding a <script> tag at the end of the body of the iframe. This works to some extent. The problem here is that when I need to update the js inside the script I will need to refresh the iframe (to remove any event listeners if present) and doing so...
Read full answer below βQuestion
Hey @artf, I am taking javascript input from the user. I need to add this javascript inside the template HTML but it gets sanitized.
Is there a way that I can turn off the sanitization? (I don't have an issue with the problems you mentioned in #3245 ) or can you add a property in the editor like allowSanitization: false
If not, then how can I add the javascript to the canvas?
Answers (4)
I tried adding the script to the iframe in which the canvas renders by adding a <script> tag at the end of the body of the iframe. This works to some extent. The problem here is that when I need to update the js inside the script I will need to refresh the iframe (to remove any event listeners if p...
Can you provide a reproducible demo of your issue, please?
Thanks for the reply @artf. I was doing a mistake while updating the iframe so now my problem is solved! Just another question, is there any built-in method to refresh the iframe?
Thanks for reporting this, @theSC0RP. Great suggestion about How to add javascript in the html without sanitization?! While this specific feature isn't yet in the core API, there are several ways to achieve similar behavior. Using the event system: Alternative approaches: Listen to selector:add for...
Related Questions and Answers
Continue research with similar issue discussions.
Issue #3714
Partial parse
Discussed in https://github.com/artf/grapesjs/discussions/3711 <div type='discussions-op-text'> <sup>Originally posted by ltenti August 17,...
Issue #3668
Cant Reset Canvas after Moving/scaling it
WARNING READ and FOLLOW next 3 steps, then REMOVE them before posting the issueFollow CONTRIBUTING Guidelines https://github.com/artf/grape...
Issue #3405
An event to hook into before a block in dropped into the canvas
WARNING READ and FOLLOW next 3 steps, then REMOVE them before posting the issueFollow CONTRIBUTING Guidelines https://github.com/artf/grape...
Issue #3458
ADD CUSTOM BLOCKS (i.e iframe) and customise it like image i.e on double click it open assets options for video link in custom iframe block
WARNING READ and FOLLOW next 3 steps, then REMOVE them before posting the issueFollow CONTRIBUTING Guidelines https://github.com/artf/grape...
Paid Plugins That Match This Issue
Curated by issue keywords and label relevance to help you ship faster.
Loading paid plugin recommendations...
Check the open-source GrapesJS plugins on GitHub or run a quick search in our free catalog.
Browse free plugins βPremium plugins ship with support, regular updates, and production-ready features β save days of integration work.
Browse premium plugins βRelated tutorials
In-depth guides on the same topic.
Tutorial
How to Build a Production GrapesJS Editor: The Complete Walkthrough of Brief, Preset, Plugins, and Services
A complete walkthrough of building a production GrapesJS editor: how to choose a preset, pick plugins, and scope setup services without burning a sprint.
Tutorial
Big Updates: TinyMCE 8 and Placeholder 2.0 for GrapesJS
In May we shipped major updates to two of our most popular GrapesJS plugins β TinyMCE Inline Text Editor and Placeholder.
Tutorial
Find the Right GrapesJS Plugin in Seconds: Smarter Discovery Is Live
We're shipping a set of discovery upgrades. New label filters, a proper compatibility switch for GrapesJS vs Studio, one-click and a smarter sort bar.
Browse Plugin Categories
Jump directly to plugin category pages on the marketplace.