Opened 12 years ago
Closed 10 years ago
#23479 closed defect (bug) (invalid)
tiny_mce_before_init filter is not fired for users with Author role
Reported by: | paulmackinlay | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | 3.5.1 |
Component: | TinyMCE | Keywords: | reporter-feedback |
Focuses: | Cc: |
Description
http://www.designzzz.com/how-to-stop-wordpress-editor-from-removing-iframe-and-embed-code/ explains how to change wordpress so that you can embed an iframe in a post without tiny MCE removing it.
This works fine if you are logged in to wordpress as an administrator. It has no effect when you login to wordpress as an author.
I guess that the tiny_mce_before_init filter is not fired unless the user has an administrator role.
Change History (2)
Note: See
TracTickets for help on using
tickets.
Is it that it doesn't work when switching between editor modes or is it that something like an iframe gets stripped out upon saving/publishing as a non-admin? Some tags are going to get stripped out for some user roles, which is done on a PHP/server-side level. One can't rely on just the front-end to do that kind of data sanitization.
Also, I don't see TinyMCE stripping iframes or embeds when switching between modes in trunk, anyway, whether I'm logged in as a (super)admin or an author.