Removing any html / formatting / ect from text string when pasting through javascript / jquery?

Question

Removing any html / formatting / ect from text string when pasting through javascript / jquery?

Not sure if this is possible in all modern browsers, but is there a way using javascript / jquery to remove all html tags, CSS formatting, word doc format codes, etc. from a line of text when it is inserted into the input area of the page (in my case, the element is set as "contenteditable"), so does it always go like clear text?

Of course, before even thinking about the part related to cleaning / disinfection, I first need a reliable way to listen and capture text from the insert event, and I'm not sure how to do it.

Thanks in advance!

+6

javascript jquery regex sanitization contenteditable

Bill dami Jun 22 '10 at 18:19

source share

3 answers

It already exists in TinyMCE , so I suggest deploying it. It is also available as a jQuery package and released under the LGPL, so it can be used in a commercial project.

See http://wiki.moxiecode.com/index.php/TinyMCE:Plugins/paste for couple related functions.

+2

Ain tohvri Jun 22 '10 at 18:30

source share

Perhaps this is possible, but I would say that it is impractical as a security measure, since any client-side code can be changed. How would you handle a situation where javascript was disabled? Or does someone go to your page when using the Firebug debugger and skip checking?

Use the client side for faster user feedback, but do not rely on it.

Use server-side validation and disinfection to do real work.

0

Odded Jun 22 '10 at 18:24

source share

Tim down · Accepted Answer · 2010-06-23T00:30:02+0000

You can use a hack that uses the current versions of TinyMCE and CKEditor. I described in this answer .

Removing any html / formatting / ect from text string when pasting through javascript / jquery?

More articles: