Every time I added a video from youtube to my product description or a page in my CS-Cart it disappear after saving!!!
Can you help me in this?
Every time I added a video from youtube to my product description or a page in my CS-Cart it disappear after saving!!!
Can you help me in this?
This can happen in Multi-Vendor. Open the config.local.php file and replace this line:
'sanitize_user_html' => 'auto',
with this one:
'sanitize_user_html' => false,
Every time I added a video from youtube to my product description or a page in my CS-Cart it disappear after saving!!!
Can you help me in this?
When you add video, do not forget to switch WYSIWYG editor to the Source code mode
This can happen in Multi-Vendor. Open the config.local.php file and replace this line:
'sanitize_user_html' => 'auto',with this one:
'sanitize_user_html' => false,
This will not affect the sensitiveness of the site layout from desktop to mobile?
When you add video, do not forget to switch WYSIWYG editor to the Source code mode
I do but the codes disappear after I click "SAVE"
This will not affect the sensitiveness of the site layout from desktop to mobile?
No, it will not. It was implemented to deny vendors to insert code into product descriptions, titles and etc.
Hi,
'sanitize_user_html' => 'auto', to false for MV
We also see this after saving. If we set it to false. What can happen?
Some advise us not to do, but every time the same message is not fun.Is there a way that the info is not popping up?
Only the message from < object >, < iframe >, < embed > en JavaScript-code
Can we turn the permission of for the vendor this if we put it on false (sanitize)?
Hi,
'sanitize_user_html' => 'auto', to false for MV
We also see this after saving. If we set it to false. What can happen?
Some advise us not to do, but every time the same message is not fun.Is there a way that the info is not popping up?
Only the message from < object >, < iframe >, < embed > en JavaScript-code
Can we turn the permission of for the vendor this if we put it on false (sanitize)?
This setting does not affect anything except the ability to insert some code into descriptions by vendor.
Can the vendor add other things or an virus on the website? At least that's what the person said to us from who we bought the Multivendor software. It is dangerous.
Also, doesn't slow down the page if the vendor adds iframe, div, etc.. in the descriptions? Is it possible to adjust the editor on the vendor side to exclude the option to put in codes? That the vendor can only add text and choose bold, cursif, underline and a bullitlist?
Hello
I have a cs cart 4.3.5 and i have the same problem...
When i put the link code from you tube and save... the video dissaper
Help!
Can the vendor add other things or an virus on the website? At least that's what the person said to us from who we bought the Multivendor software. It is dangerous.
That's a great question. I don't mind if vendors use html code for formatting or things like embedding a video. But, does disabling this "sanitize_user_html" option give vendors the ability to run malicious code?
That's a great question. I don't mind if vendors use html code for formatting or things like embedding a video. But, does disabling this "sanitize_user_html" option give vendors the ability to run malicious code?
Yes, this is correct. If this option is disabled, vendors can add any JS code to description and name of product, category, etc.
Yes, this is correct. If this option is disabled, vendors can add any JS code to description and name of product, category, etc.
Bummer. Oh well, thanks for confirming.
Is there a setting we could change or a modification we could do that would allow for the sanitizing to be disabled for admins but stay enabled for vendors?