如何在富文本编辑框中停用粘贴? [英] How can i deactivate paste in a rich text edit box ?
问题描述
我正在运行凯文罗斯的rte盒子,我想停用该盒子内的过去的能力
。人们有时会在那些可能会破坏我网站的地方粘贴一些令人发指的东西。如何停用
粘贴的能力?
请参阅: http://www.kevinroth.com/rte/demo.htm
感谢您的帮助
Seth Russell
" Seth Russell" < RU ********** @ gmail.com>写道:
我正在运行Kevin Roth的rte box
我不知道它是什么,但它可能无法在我的浏览器中工作
无论如何...检查......好吧,至少我可以在其中写HTML。
我想停用能够超越盒子。人们有时会在那里粘贴可能会破坏我网站的令人发指的东西。
如何停用粘贴功能?
那是'可能不是解决问题的最佳方法。粘贴是一个有用的操作,并且禁用它将保证最终惹恼一些用户的b $ b。还要记住,任何可以粘贴的东西,
也可以手动编写,所以如果有人想打破你的b
网站,他们仍然可以(或者如果需要的话,他们可以假的是HTTP POST
的坏内容。
如果您的应用程序输入格式错误有问题,它应该是
在使用输入之前在服务器上进行扫描,然后再使用
其他任何内容。
这是客户端/服务器编程的一般原则
互联网......不要相信客户。防止
网站破损的责任应该放在一个你可以信任的地方,这意味着
服务器。
/ L $ / $
-
Lasse Reichstein Nielsen - lr*@hotpop.com
DHTML死亡色彩:< URL:http://www.infimum.dk/HTML/rasterTriangleDOM.html>
''没有判断的信仰只会降低精神神圣。' '
>我不知道它是什么,但它可能在我的浏览器中无效..检查......好吧,至少我可以在里面写HTML。
不在我的版本中,我压制了看看html复选框。
您的浏览器中的wysiwyg无效吗?那个浏览器是什么?
还要记住,任何可以粘贴的东西,
也可以手动编写,
不是真的,你可以'不写HTML(在我的版本中)
如果您的应用程序输入格式错误有问题,它应该在使用
其他任何事情。
是的,是的...小心点我在php中执行一个常规操作。
需要
*禁止所有脚本
*禁止破解html - 这是在原子\ Rss提要和
需要完美的XHTML
Seth Russell
PS:我真正希望它做的是从<去除所有HTML br />
粘贴输入。它的功能应该与
Google Groups的方框完全相同。如果你在网页上选择所有内容,我想要你得到的东西
页面并去写字和粘贴。
Seth Russell
I''m running Kevin Roth''s rte box and i want to deactivate the ability
to past inside the box. People sometimes paste outrageous things in
there that might break my site. How can I deactivate the ability to
paste?
see: http://www.kevinroth.com/rte/demo.htm
Thanks for your help
Seth Russell
"Seth Russell" <ru**********@gmail.com> writes:
I''m running Kevin Roth''s rte box
I don''t know what it is, but it probably doesn''t work in my browser
anyway ... checking ... well, at least I can write HTML in it.
and i want to deactivate the ability to past inside the box. People
sometimes paste outrageous things in there that might break my site.
How can I deactivate the ability to paste?
That''s probably not the best way to solve the problem. Pasting is
a useful operation, and disabling it will be guaranteed to annoy
some users eventually. Also remember, anything that can be pasted,
can also be written manually, so if someone wants to break your
site, they still can (or if need be, they''ll fake a HTTP POST
of the bad content).
If your application has a problem with malformed input, it should
scan for exactly that, on the server, before using the input for
anything else.
That is general princliple in client/server programming on the
internet ... don''t trust the client. The responsibility for preventing
site breakage should lie in a place that you can trust, which means
the server.
/L
--
Lasse Reichstein Nielsen - lr*@hotpop.com
DHTML Death Colors: <URL:http://www.infimum.dk/HTML/rasterTriangleDOM.html>
''Faith without judgement merely degrades the spirit divine.''
>I don''t know what it is, but it probably doesn''t work in my browseranyway ... checking ... well, at least I can write HTML in it.
Not in my version of it, i suppressed the "look at html" check box.
Did the wysiwyg not work in your browser? Which browser is that?
Also remember, anything that can be pasted,
can also be written manually,
Not really, you can''t write HTML (in my version)
If your application has a problem with malformed input, it should
scan for exactly that, on the server, before using the input for
anything else.
Yes, yes ... care to point me to a routine in php that does that.
Needs to
* disallow all scripts
* disallow broken html - this is going out on a atom \ Rss feed and
needs to be perfect XHTML
Seth Russell
PS: What i really want it to do is to strip all HTML just from the
paste input. It should function just exactly like the box here at
Google Groups. I want just what you get if you select all on a web
page and go to word pad and paste.
Seth Russell
这篇关于如何在富文本编辑框中停用粘贴?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
