inserting and displaying html formatting in input form


craigmal

The live editor examples allow HTML styling of a word(s) in a text field. Select a row, add <i> italic </>. The updated cell successfully displays the italic text. I created my .NET table using the generator package. When I add <i>italic</i> the updated field displays the code, not the style. It returns <i>italic</>. I turned validation=false so Visual Studio will accept the HTML.

I suspect the problem results from using the generator package. Will I have the same problem using PHP?

Answers

  • allan (Site admin)

    No - you won't have the same issue in PHP. The problem here is the built-in XSS protection. Microsoft's XSS library, which Editor uses, is really aggressive and will encode a lot of options that aren't really required to be encoded (basically any HTML).

    One option is to disable the XSS protection on input, and instead use a DataTables renderer to protect yourself on output. That can be done using the APIs as discussed in the Editor manual.

    Allan
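
The output-side approach suggested in the answer, sketched as an added example (not code from the thread or from the Editor or DataTables projects): a DataTables column renderer that escapes the stored value on display and lets only a few attribute-free formatting tags through. It assumes input-side XSS encoding has been disabled for the field; the `notes` column and the helper names are hypothetical.

```javascript
// Added example: output-side protection for a column whose input-side XSS
// encoding is off. ALLOWED_TAGS, escapeHtml, renderLimitedHtml, notesColumn
// and the "notes" field are hypothetical names, not part of any library.

// Formatting tags allowed through, and only in their attribute-free form.
const ALLOWED_TAGS = ['i', 'b', 'em', 'strong'];

// Encode every character that can start markup or break out of an attribute.
function escapeHtml(value) {
  return String(value)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Escape everything first, then restore only exact opening/closing forms of
// the allowed tags. A tag carrying attributes never matches, so it stays text.
function renderLimitedHtml(value) {
  if (value === null || value === undefined) return '';
  const pattern = new RegExp(
    '&lt;(/?)(' + ALLOWED_TAGS.join('|') + ')&gt;', 'gi');
  return escapeHtml(value).replace(
    pattern, (match, slash, tag) => '<' + slash + tag.toLowerCase() + '>');
}

// DataTables column definition: sanitise for display only, so sorting and
// filtering still operate on the stored value.
const notesColumn = {
  data: 'notes',
  render: function (data, type) {
    return type === 'display' ? renderLimitedHtml(data) : data;
  }
};
```

Pass `notesColumn` in the table's `columns` array; every other column should still use an escaping renderer or hold data that is never user-supplied.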

This discussion has been closed.