Cscart 4.3.2 Iframe Youtube Movie

hi guys

i try to put youtube in description with this code -->html → put this code

then turn on it show well in admin then -----> ""save"" then all gone..

why this happen?

how can i use iframe code without problem?

Try to check the behavior with another WYSIWYG editor

thanks so much your reply ecomlabs

i have 4.,3.2 multivendor i tried 3 editor… after clear cache…


when i put that code it appear at admin before ““save”” then i push save then it';s gone

Do you switch editor to the source code mode?

means “”" [color=#333333]Full description “”" at product option?[/color]

[color=#333333]ofcouse i upload with source…that i mentioend [/color]

[color=#282828][font=arial, verdana, tahoma, sans-serif][/font][/color]

[color=#282828][font=arial, verdana, tahoma, sans-serif]it's gone…i already tested in cscart demo site…[/font][/color]

[color=#282828][font=arial, verdana, tahoma, sans-serif]it' s same situation happen. [/font][/color]

my programer said --------------cscart block “” iframe"" for security…

so what method is ok? only need movie addon?

or what?

Please use embed code instead of iframe:

thanks so much ecomlabs


Embed code works correctly for me:



Just go to this page and generate embed code:

When copy to to the WYSIWYG editor (it should be in the source mode)


i tried al 3 editors in souce mode and it did not works, also tried the no=editor field and still same situation


you can test --online demo.

it' does not work on current version of cscart 4.3.2

Unfortunately it is not allowed to create html block on the .com demo, here is screenshot from the .ru demo ([color=#000000]CS-Cart [/color]4.3.2):

once again…i surprise that how kind people is here like --------ECOMLABS

if i need purchase some addon i will not hesitate to buy from ECOMLABS.

once again i really appreciate ecomlabs

i found that problem and way to solution ---------- if you want to know i will send pm message


Starting from 4.3.1 version, we added the sanitize_user_html tweak If it is enabled, it removes any J-vaScript code from the product description, name, etc. By default, it is enabled in Multi-Vendor and disabled in CS-Cart in order to prevent vendor's administrators to add JS code.

So you're now going to allow your vendors to include their own JS code in descriptions and you're not worried about security. Usually these type of restrictions are put in place for a reason. Please be careful.

hello tbirnseth…

actually we do not have vendor —i update all product… it is still dangerous?

But iframe is not javascript. Are you sure that this tweak will solve your problem?

As I understand the tweak above relates to the Multi-vendor edition only. It is disabled for cs-cart.

[quote name='tbirnseth' timestamp='1435955553' post='221566']

As I understand the tweak above relates to the Multi-vendor edition only. It is disabled for cs-cart.


Correct. The tweak “sanitize_user_html” does nothing in CS-Cart. works only for Multi-Vendor.

i said ““we do not vendor”” means ------------i update product my self --but yes our shop is MULTI VENDOR…