Why does some HTML get removed from articles in version 1.5.8?

From Joomla! Documentation

Revision as of 12:59, 28 May 2009 by Leolll (Talk | contribs)

In Joomla! 1.5.8 & up, a default filtering choice is in place for those who have not selected an Article Filter option. The default applied for those who have not made a selection implements "black list" filtering as a security precaution against possible XSS.

Due to this change, you might notice problems trying to save a Youtube video, or embedding other Javascript or Flash objects into your Articles.

If the default filtering option is not suitable for your needs, you can change it by using the Article Global Configuration options. For example, to change the default settings so that no filtering happens for members of the Super Administrator group:

  1. Navigate to Content → Article Manager.
  2. Press the Parameters icon in the toolbar to show the Articles - Global Configuration screen.
  3. Scroll down to Filtering Options, highlight all Filter groups except Super Administrator, and select Filter type of Blacklist (Default), as shown in the screenshot below.
    Html filter example.png

With this setting, Joomla! will use the default Blacklist filter for all users except for the Super Administrator group. If you want to let other groups of Users submit content with no filtering, just modify the instructions above to exclude these groups. If you want no filtering on any groups, follow the instructions above but select only the Registered group.

Note: If you are using the Tiny MCE Editor you may also want to adjust these settings in the plugin:

  • Code Cleanup on Startup Off
  • Code cleanup on save Never Front Only. Always
  • Do not clean HTML entities. Yes

More detailed instructions for filtering options can be found by pressing the Help button when in the Article Manager, or by clicking this link.