WordPress.org

Make WordPress Core

Opened 3 years ago

Closed 8 months ago

#23479 closed defect (bug) (invalid)

tiny_mce_before_init filter is not fired for users with Author role

Reported by: paulmackinlay Owned by:
Milestone: Priority: normal
Severity: normal Version: 3.5.1
Component: TinyMCE Keywords: reporter-feedback
Focuses: Cc:

Description

http://www.designzzz.com/how-to-stop-wordpress-editor-from-removing-iframe-and-embed-code/ explains how to change wordpress so that you can embed an iframe in a post without tiny MCE removing it.

This works fine if you are logged in to wordpress as an administrator. It has no effect when you login to wordpress as an author.

I guess that the tiny_mce_before_init filter is not fired unless the user has an administrator role.

Change History (2)

comment:1 @helen3 years ago

  • Keywords reporter-feedback added

Is it that it doesn't work when switching between editor modes or is it that something like an iframe gets stripped out upon saving/publishing as a non-admin? Some tags are going to get stripped out for some user roles, which is done on a PHP/server-side level. One can't rely on just the front-end to do that kind of data sanitization.

Also, I don't see TinyMCE stripping iframes or embeds when switching between modes in trunk, anyway, whether I'm logged in as a (super)admin or an author.

comment:2 @iseulde8 months ago

  • Milestone Awaiting Review deleted
  • Resolution set to invalid
  • Status changed from new to closed

No feedback in 2 years.

Note: See TracTickets for help on using tickets.