grapesjs-custom-code icon indicating copy to clipboard operation
grapesjs-custom-code copied to clipboard
verified publisher icon artf

Script Tag is sanitized in the output

Open thequickcode opened this issue 1 year ago • 3 comments

Hello,

When using the following custom code

<script> alert('hi') </script>

The result would sanitize the script tag as following

 &lt;script&gt;alert('hi')&lt;/script&gt;

Am I missing anything?

thequickcode avatar Apr 22 '24 10:04 thequickcode

Hello,

You could try with this config and see if it works for you:

grapesjs.init({
  ...
  parser: {
    optionsHtml: {
      allowScripts: true,
    },
  },
});

quentin-bettoum avatar May 20 '24 15:05 quentin-bettoum

I used the following configs:


grapesjs.init({
        allowScripts: true,

thequickcode avatar May 23 '24 10:05 thequickcode

I used the following configs:

grapesjs.init({
        allowScripts: true,

This one is deprecated, it might not work anymore in the future.

@deprecated in favor of `config.parser.optionsHtml.allowScripts`

quentin-bettoum avatar May 27 '24 06:05 quentin-bettoum