Multi-Vendor: Can Not Save Html And Script Tags In Descriptioin

crazyshark20 · December 26, 2015, 12:00am

NotThis website has restrictions on inserting HTML code. Some HTML tags like ,

i got this error when i want to see my products

Attention Some errors occurred (Internal Server Error). Please try again.

i coudnt see my products i use multivendor 4.3.5

Thanks for all

crazyshark20 · December 27, 2015, 12:00am

notice_entered_html_was_sanitized

error_ajax

ecomlabs · December 28, 2015, 12:00am

This behaviour is related with the sanitize_user_html option in the config.local.php file:

    // Whether to remove any javascript code from description and name of product, category, etc.
    // Auto - false for ULT, true for MVE.
    'sanitize_user_html' => 'auto',

Try to disable it (set value to false)

shikhar · December 30, 2015, 12:00am

NotThis website has restrictions on inserting HTML code. Some HTML tags like , , and JavaScript code are cut off.

i got this error when i want to see my products

Attention Some errors occurred (Internal Server Error). Please try again.

i coudnt see my products i use multivendor 4.3.5

Thanks for all

Hi,

could you find a solution for this ?Doesnt work for me even after changing the config value 'sanitize_user_html' => 'false'.

ecomlabs · December 30, 2015, 12:00am

Hi,

could you find a solution for this ?Doesnt work for me even after changing the config value 'sanitize_user_html' => 'false'.

In this case please contact CS-Cart support team. The issue should be examined on your server

shikhar · December 31, 2015, 12:00am

My bad, I had put false in single quotes should be 'sanitize_user_html' => false

Works fine now !

ecomlabs · January 5, 2016, 12:00am

I am glad to hear that the issue is solved

arteeni · June 30, 2016, 12:00am

This behaviour is related with the sanitize_user_html option in the config.local.php file:
    // Whether to remove any javascript code from description and name of product, category, etc.
    // Auto - false for ULT, true for MVE.
    'sanitize_user_html' => 'auto',
Try to disable it (set value to false)

Thanks eComLabs - this did the trick. Question, though: does disabling this option give vendors the ability to run malicious code? I don't mind if vendors use html code for formatting or things like embedding a video, but I definitely don't want to open us up to security issues.

mifzal79 · September 3, 2019, 12:00am

I have created an html block and inserted this

While my appearance set to "Do not use" under Default wysiwyg editor:

I get Forbidden page error.

But When I use other options other than "Do not use", then those javascript codes are not saving. What can be the problem?

By the way, I am using 4.10

ecomlabs · September 4, 2019, 12:00am

Try to wrap your code with

{literal}
...
{/literal}

mifzal79 · September 4, 2019, 12:00am

What do you mean by that?

ecomlabs · September 4, 2019, 12:00am

If you use HML block with Smarty support, add the following content

{literal}



{/literal}

mifzal79 · September 4, 2019, 12:00am

If you use HML block with Smarty support, add the following content
{literal}



{/literal}

I have made 'sanitize_user_html' => false, in config.local.php file

I went to Admin panel and tried to add a smarty html block with this

{literal}

<script type="text/javascript">
var Tawk_API=Tawk_API||{}, Tawk_LoadStart=new Date();
(function(){
var s1=document.createElement("script"),s0=document.getElementsByTagName("script")[0];
s1.async=true;
s1.src='https://embed.tawk.to/5d69e48c77aa790be331af24/default%27;';
s1.charset='UTF-8';
s1.setAttribute('crossorigin','*');
s0.parentNode.insertBefore(s1,s0);
})();
script>

{/literal}

And I get this error

404

ERROR

Oops!

We were unable to find what you were looking for.

The page you have requested cannot be found.

Error code: Page Not Found

ecomlabs · September 5, 2019, 12:00am

It is required to examine issue on your server in this case

mifzal79 · September 5, 2019, 12:00am

Ok what do you need Sir? Shall I give you my hosting details? Is this related to .htaccess file?