Jump to content

Javascript in description


Recommended Posts

Hello!

 

I'm wondering if there is a way to use plain javascript in a product description? Like:

<script type="text/javascript">
var myString = "test";
</script>

If I use the MCE "HTML" function I receive an error if I save the description.

I've searched the forum but didn't found more then insert a external javascript via the template.

Btw. the forum search doesn't allow javascript as searchstring?! Only "javascript".

 

Thanks!

Share this post


Link to post
Share on other sites

Ok, I've modified the tiny mce init with the property

extended_valid_elements: "script",

and

extended_valid_elements: "*[*]",

(yes I know this is bad for security reasons, but it's only for testing purposes)

 

But both did not work. I don't think it's a tiny mce message because the message apperas in a red box after i save the product description. It's definitiv a presta message.

Share this post


Link to post
Share on other sites

okay, so now: 

 

in class Validate.php at line 405 there is this check:
if (!$allow_iframe && preg_match('/<[\s]*(i?frame|form|input|embed|object)/ims', $html))

add there script and any other markups you want :)

 
 

but it is necessary to change tinymce too. if you will remove extended_valid_elements: "*[*]", tiny mce will automatically remove scripts etc.

  • Like 1

Share this post


Link to post
Share on other sites

Wow great, that's the file I was locking for!

Sorry, I don't know the code exactly. But I believe that's line 402 in classes/Validate.php which is the problem.

Line 405 has only the "blacklisted" elements if iframes are not allowed.

if (preg_match('/<[\s]*script/ims', $html) || preg_match('/('.$events.')[\s]*=/ims', $html) || preg_match('/.*script\:/ims', $html))
                        return false;

I think that preg_match('/<[\s]*script/ims', $html) and/or preg_match('/.*script\:/ims', $html) raise an error.

 

A general question: Is this new in Presta 1.5.5.0 because my Javascript worked well in previous versions?!

Share this post


Link to post
Share on other sites

  • 2 weeks later...

Hi,

 

I've just update the PS from v1.4.5.1 to v1.5.5.0

I was using an AJAX Javascript to import an external HTML on to my long description ( i dont use iframe for SEO purpose ), as you can see :

http://www.genuineluxuryoutlet.com/en/belts/28-hermes-style-tortora-italian-saffiano-belt.html

 

But if i try to modify my items or add a new item for security reasons Tiny MCE don't allow to save the product.

How can i disable this security function, i've read the post but it's not clear for me.

Do you have any suggestion ?

 

Thanks

Amar,

Share this post


Link to post
Share on other sites

  • 1 month later...
  • 3 years later...
<script type="application/ld+json">


"@context" : "http://schema.org",

"@type" : "Organization",

"name" : "{$shop_name|escape:'html':'UTF-8'}",

"url" : "{if isset($force_ssl) && $force_ssl}{$base_dir_ssl}{else}{$base_dir}{/if}",

"logo" : {

"@type":"ImageObject",

"url":"{$logo_url}"

}

}

</script>

 

tinymce allow script but i paste this code but save below type code

 


<script>// <![CDATA[

//--><![CDATA[//><!--

// 


"@context" : "http://schema.org",

"@type" : "Organization",

"name" : "{$shop_name|escape:'html':'UTF-8'}",

"url" : "{if isset($force_ssl) && $force_ssl}{$base_dir_ssl}{else}{$base_dir}{/if}",

"logo" : {

"@type":"ImageObject",

"url":"{$logo_url}"

}

}

//--><!

// ]]></script>

 

 why change script type  

Share this post


Link to post
Share on other sites

 Share

×
×
  • Create New...

Important Information

Cookies ensure the smooth running of our services. Using these, you accept the use of cookies. Learn More