Fixed Issues:
<figure>
tag with an image
class is upcasted.getValue()
function is defined in the global scope.Other Changes:
package.json
file.Fixed Issues:
Security Updates:
Fixed XSS vulnerability in the HTML parser reported by maxarr.
Issue summary: It was possible to execute XSS inside CKEditor after persuading the victim to: (i) switch CKEditor to source mode, then (ii) paste a specially crafted HTML code, prepared by the attacker, into the opened CKEditor source area, and (iii) switch back to WYSIWYG mode.
An upgrade is highly recommended!
New Features:
aria-haspopup
property values. The Menu Button aria-haspopup
value is now menu
, the Panel Button and Rich Combo aria-haspopup
value is now listbox
.contextmenu_contentsCss
configuration option to allow adding custom CSS to the Context Menu.Fixed Issues:
required
attribute is not correctly recognized by the Form Elements plugin dialog. Thanks to Roli Züger!Permission denied
is thrown when opening a Panel instance.config.forceSimpleAmpersand
option does not work. Thanks to Alex Maris!Escape HTML Entities
] plugin with custom additional entities configuration breaks HTML escaping.(Selected)
text at the end of the label when clicked.onAbort
method of the Upload Widget is not called when the loader is aborted.CKEDITOR.filter.instances
is causing memory leaks.API Changes:
CKEDITOR.ui.panel.block.getItems
method now also returns input
elements in addition to links.CKEDITOR.tools.convertToPx
function now converts negative values.insert
method now passes editor
and commandData
. Thanks to marcparmet!tools.eventsBuffer
and tools.throttle
functions logic into a separate namespace.
tools.eventsBuffer
was extracted into tools.buffers.event
,tools.throttle
was extracted into tools.buffers.throttle
.CKEDITOR.filter
constructor accepts an additional rules
parameter allowing to bind the editor and filter together.editor.getCommandKeystroke
method accepts an additional all
parameter allowing to retrieve an array of all command keystrokes.hasArrow
definition option can by identified by the .cke_button_expandable
CSS class.Other Changes:
Fixed Issues:
instanceReady
.editor.destroy()
during the file upload throws an error. Thanks to Maksim Makarevich!id
attribute. Thanks to Nathan Samson!<font>
tag is not preserved when proper configuration is provided and a style is applied by the Font plugin.object
, embed
, param
are removed from the editor content.API Changes:
editor.plugins.detectConflict()
method finding conflicts between provided plugins.New Features:
CKEDITOR.dom.range
for matching text.Fixed Issues:
CKEDITOR.dialog.definition.onHide
API documentation. Thanks to sunnyone!\u3000
) is lost when pasting text.config.forcePasteAsPlainText
option is not respected in internal and cross-editor pasting.API Changes:
replace
dialog from the Find / Replace plugin with a tabId
option in the find
command.CKEDITOR.editor.addCommand()
method can now accept a CKEDITOR.command
instance as a parameter.extraPlugins
, removePlugins
and plugins
configuration options allow whitespace.extraPlugins
, removePlugins
and plugins
configuration options allow passing plugin names as an array.getClientRect()
function allowing to retrieve an absolute bounding rectangle of the element, i.e. a position relative to the upper-left corner of the topmost viewport.getClientRects()
method to CKEDITOR.dom.range
. It returns a list of rectangles for each selected element.CKEDITOR.tools.throttle()
function.Other Changes:
gv_GB
) and Interlingua (ia_XR
).alt
attribute for the logo image in the About tab of SCAYT.Security Updates:
Fixed XSS vulnerability in the Enhanced Image (image2
) plugin reported by Kyaw Min Thein.
Issue summary: It was possible to execute XSS inside CKEditor using the <img>
tag and specially crafted HTML. Please note that the default presets (Basic/Standard/Full) do not include this plugin, so you are only at risk if you made a custom build and enabled this plugin.
We would like to thank the Drupal security team for bringing this matter to our attention and coordinating the fix and release process!
Fixed Issues:
New Features:
config.fileTools_requestHeaders
configuration option.CKEDITOR.config.startupFocus
as start
or end
to specify where the editor focus should be after the initialization.data-cke-magic-line="1"
attribute.Fixed Issues:
contextDefinition.cssSelector
matcher.change
event.config.forcePasteAsPlainText
option.border
shorthand property was incorrectly expanded ignoring the border-color
style.API Changes:
pluginDefinition.init()
method of the requiring plugin.Other Changes:
scayt_minWordLength
configuration option now defaults to 3 instead of 4.localStorage
is disabled.Unable to get property type of undefined or null reference
error in the browser console when SCAYT is disabled/enabled.You already have the dictionary
error.'
on the replacement make the WSC dialog inaccessible.Uncaught TypeError
error in the browser console.Important Notes:
config.imageUploadUrl
property.New Features:
#
) if needed. It ensures a valid Hex color value is used when setting the table cell border or background color with the Color Dialog window.CKEDITOR.tools.keystrokeToArray()
method. It converts a keystroke into its string representation, returning every key name as a separate array element.CKEDITOR.tools.object.merge()
method. It allows to merge two objects, returning the new object with all properties from both objects deeply cloned.CKEDITOR.tools.array.every()
method. It invokes a given test function on every array element and returns true
if all elements pass the test.Fixed Issues:
CKEDITOR.focusManager.focus()
API documentation. Thanks to benjy!config.colorButton_colors
option are not correctly highlighted in the Color Button Text Color or Background Color panel.upcast
methods are called for every element.uploadWidgetDefinition
.config.skin
is loaded using a custom path.API Changes:
upcast
methods are now called in the widget definition's context.show
option in the balloonPanel.attach()
method, allowing to attach a hidden Balloon Panel instance.skipNotifications
option to the CKEDITOR.fileTools.uploadWidgetDefinition
, allowing to switch off default notifications displayed by upload widgets.Other Changes:
New Features:
CKEDITOR.filter.disallowedContent
property.Fixed Issues:
change
event not fired when typing the first character after pasting into the editor. Thanks to Daniel Miller!border
shorthand property with zero width (border: 0px solid #000;
) causes the table to have the border attribute set to 1.CKEDITOR.config.enterMode
is set to CKEDITOR.ENTER_BR
.Other Changes:
CKEDITOR.dom.selection.isCollapsed()
method which is a simpler way to check if the selection is collapsed.CKEDITOR.dialogCommand
.New Features:
Fixed Issues:
Uncaught TypeError: element.is is not a function
error.cke_table-faked-selection-table
class is visible in the Stylesheet Classes field of the Table Properties dialog.range.cloneContents()
method selects the whole element when the selection starts at the beginning of that element.range.extractContents()
method returns an incorrect result when multiple nodes are selected.elementPath.contains()
method incorrectly excludes the last element instead of root when the fromTop
parameter is set to true
.Other Changes:
CKEDITOR.dom.nodeList.toArray()
method which returns an array representation of a node list.New Features:
Fixed Issues:
editor.getCommandKeystroke()
method does not obtain the correct keystroke.CKEDITOR.filter
incorrectly transforms the margin
CSS property.Important Notes:
embed_provider
configuration option for the Media Embed and Semantic Media Embed plugins is no longer preset by default.YUI 2.7.0
library which has some known vulnerabilities (it's a security precaution, there was no security issue in CKEditor due to the way it was used).New Features:
CKEDITOR.template
removed. CKEditor can now be used without the unsafe-eval
Content Security Policy. Thanks to Caridy Patiño!background
property containing also other styles for table cells in the Table Tools plugin.config.enableContextMenu
configuration option for enabling and disabling the context menu.command
parameter in CKEDITOR.editor.getCommandKeystroke()
now also accepts a command name as an argument.CKEDITOR.dom.range.shrink()
method now allows for skipping bogus <br>
elements.Fixed Issues:
<span>
elements with height
style stacked when pasting from Word.<div>
elements with a <div>
.CKEDITOR.getCss()
API documentation. Thanks to knusperpixel!src
/srcdoc
attributes of the <iframe>
element in a CKEditor setup with ACF turned off and without the Iframe Dialog plugin. The issue was originally reported as a security issue by Sriramk21 from Pegasystems and was later downgraded by the security team into a normal issue due to the requirement of having ACF turned off. Disabling Advanced Content Filter is against security best practices, so the problem described above has not been considered a security issue as such.Other Changes:
cdn.mathjax.org
to cdnjs, due to closing of cdn.mathjax.org
scheduled for April 30, 2017.New Features:
config.colorButton_colorsPerRow
configuration option for setting the number of rows in the color selector.Fixed Issues:
config.pasteFromWord_heuristicsEdgeList
configuration option.element.setSize()
sets incorrect editor dimensions if the border width is represented as a fraction of pixels.<div>
-based editor.New Features:
callback
parameter in the CKEDITOR.ajax.post()
method became optional.Fixed Issues:
background
property if it only contains a color value. This fixes missing background colors when using Paste from Word.New Features:
config.pasteFromWordRemoveFontStyles
option now defaults to false
. This option will be deprecated in the future. Use Advanced Content Filter to replicate the effect of setting it to true
.config.pasteFromWordNumberedHeadingToList
and config.pasteFromWordRemoveStyles
options were dropped and no longer have any effect on pasted content.uploaded.width/height
if set.download
attribute in link (<a>
) elements. Selecting the "Force Download" checkbox in the Link dialog will cause the linked file to be downloaded automatically. Thanks to sbusse!additionalRequestParameters
property for file uploads to make it possible to send additional information about the uploaded file to the server.config.image2_altRequired
option for the Enhanced Image plugin to allow making alternative text a mandatory field. Thanks to Andrey Fedoseev!Fixed Issues:
mso-list: ignore
style is not handled properly when pasting from Word.<li>
element after pasting from Word.<span>
elements in Paste from Word content cleanup breaking content formatting.config.enterMode
set to CKEDITOR.ENTER_BR
.color:windowtext
style.config.pasteFromWordRemoveFontStyles
is ignored under certain conditions.Other Changes:
<div>
element.Security Updates:
[Severity: minor] Fixed the target="_blank"
vulnerability reported by James Gaskell.
Issue summary: If a victim had access to a spoofed version of ckeditor.com via HTTP (e.g. due to DNS spoofing, using a hacked public network or mailicious hotspot), then when using a link to the ckeditor.com website it was possible for the attacker to change the current URL of the opening page, even if the opening page was protected with SSL.
An upgrade is recommended.
New Features:
target
attribute.Fixed Issues:
<div>
-based editor.setActive()
method.Fixed Issues:
font-style
family property correctly, removing quotes and whitespace from font names.config.autoGrow_onStartup
option set to true
does not work properly for an editor that is not visible.onerror
and onload
events are not used in browsers it could have been used when loading scripts dynamically.Fixed Issues:
min-height
style for the <body>
element and the height
style for the <html>
element breaks the Auto Grow plugin.<iframe>
element.dom.element.removeAttribute()
method does not remove all attributes if no parameter is given.CKEDITOR.style
instance with the styles
property by CKEDITOR.filter
.New Features:
config.colorButton_enableAutomatic
option to allow hiding the "Automatic" option in the color picker.Fixed Issues:
New Features:
Fixed Issues:
IndexSizeError
when using the Div Editing Area and Content Templates plugins.editor.getData()
fails when the cursor is next to an <hr>
tag.editor.getData()
throw an error when an image is the only data in the editor.New Features:
CKEDITOR.tools.getCookie()
and CKEDITOR.tools.setCookie()
methods for accessing cookies.CKEDITOR.tools.getCsrfToken()
method. The CSRF token is now automatically sent by the File Browser and File Tools plugins during file uploads. The server-side upload handlers may check it and use it to additionally secure the communication.Other Changes:
Fixed Issues:
target
attribute value. Thanks to SamZiemer!undefined
string is appended to an email address added with the Link plugin if subject and email body are empty and config.emailProtection
is set to encode
.<iframe>
after the editor was detached from DOM. Thanks to Stefan Rijnhart!classList
polyfill is used.editor.drop
event.background-image
path needs single quotes around the URL value.contents.css
style is not used if the IFrame Editing Area plugin is missing.isContentEditable
property of an <input>
DOM element.Other Changes:
bender.tools.createTestsForEditors
will also receive editor bot as a second parameter.New Features:
Fixed Issues:
onChange
does not work. Thanks to Iliya Kostadinov!<div>
element.<body>
element is not handled correctly.<h1-6>
element to be a child of the <summary>
element.name
attribute.Other Changes:
CKEDITOR.env.mobile
as deprecated. The reason is that it is no longer clear what "mobile" means.New Features:
config.fileTools_defaultFileName
option to allow setting a default file name for paste uploads.Fixed Issues:
editor.getSelectedHtml()
method returns invalid results for entire content selection.Other Changes:
Fixed Issues:
<textarea>
element storing editor configuration in the toolbar configurator.CKEDITOR.plugins.clipboard.isHtmlInExternalDataTransfer
property as the check must be dynamic.DataTransfer.getData()
should work consistently in all browsers and should not strip valuable content. Fixed pasting tables from Microsoft Excel on Chrome.dataTransfer
does not work if text
data was set in the meantime.editor.getSnapshot()
may return a non-string value.Other Changes:
Fixed Issues:
New Features:
config.sharedSpaces
. Thanks to Undergrounder!dialog#setState()
method and used it in the Embed dialog to indicate that a resource is being loaded.repository.onWidget()
method — a convenient way to listen to widget events through the repository.Fixed Issues:
editor.getSelectedHtml()
method throws an error when called in the source mode.internalCommit
argument in the Image dialog seems to be never used.CKEDITOR.tools.htmlEncode()
and CKEDITOR.tools.htmlDecode()
methods.range.cloneContents()
and range.extractContents()
methods which now clone IDs similarly to their native counterparts.cloneId
arguments to the above methods, range.splitBlock()
and element.breakParent()
. Mind the default values and special behavior in the extractContents()
method!config.removeButtons
is ignored by the advanced toolbar configurator.Other Changes:
CKEDITOR.env.isCompatible
a blacklist rather than a whitelist. More about the change in the Browser Compatibility guide.CKEDITOR.fileTools.UploadsRepository
to CKEDITOR.fileTools.UploadRepository
and changed all related properties.lang.image.alertUrl
token from the Image plugin.New Features:
Clipboard (copy&paste, drag&drop) and file uploading features and improvements (#11437).
editor#paste
event and a set of new editor events was introduced — dragstart
, drop
, dragend
.editor#paste
event.editor#paste
event can have the range
parameter so it is possible to change the paste position in the listener or paste in the not selectable position. Also the editor.insertHtml()
method now accepts range
as an additional parameter.#11621: A configurable paste filter was introduced. The filter is by default turned to 'semantic-content'
on Webkit and Blink for all pasted content coming from external sources because of the low quality of HTML that these engines put into the clipboard. Internal and cross-editor paste is safe due to the change explained in the previous point.
Other changes and related fixes:
#12095: On drag and copy of widgets the same method is used to get selected HTML as in the normal case. Thanks to that styles applied to inline widgets are not lost.
#11219: Fixed: Dragging a captioned image does not fire the editor#paste
event.
#9554: [Webkit Mac] Fixed: Editor scrolls on paste.
#9898: [Webkit&Divarea] Fixed: Pasting causes undesirable scrolling.
#11993: [Chrome] Fixed: Pasting content scrolls the document.
#12613: Show the user that they can not drop on editor UI (toolbar, bottom bar).
#12851: [Blink/Webkit] Fixed: Formatting disappears when pasting content into cells.
#12914: Fixed: Copy/Paste of table broken in div
-based editor.
Browser support.
Browser support for related features varies significantly (see http://caniuse.com/clipboard).
File APIs needed to operate and file upload is not supported in Internet Explorer 9 and below.
Only Chrome and Safari on Mac OS support setting custom data items in the clipboard, so currently it is possible to recognize the origin of the copied content in these browsers only. All drag and drop operations can be identified thanks to the new Data Transfer facade.
No Internet Explorer browser supports the standard clipboard API which results in small glitches like where only plain text can be dropped from outside the editor. Thanks to the new Data Transfer facade, internal and cross-editor drag and drop supports the full range of data.
Direct access to clipboard could only be implemented in Chrome, Safari on Mac OS, Opera and Firefox. In other browsers the pastebin must still be used.
#12875: Samples and toolbar configuration tools.
#10925: The Media Embed and Semantic Media Embed plugins were introduced. Read more about the new features in the Embedding Content article.
#10931: Added support for nesting widgets. It is now possible to insert one widget into another widget's nested editable. Note that unless nested editable's allowed content is defined precisely, starting from CKEditor 4.5 some widget buttons may become enabled. This feature is not supported in IE8. Included issues:
editor.insertHtml()
method. Fixes pasting a widget with a nested editable inside another widget's nested editable.Notification system:
#11636: Introduced new, UX-focused, methods for getting selected HTML and deleting it — editor.getSelectedHtml()
and editor.extractSelectedHtml()
.
#12416: Added the widget.definition.upcastPriority
property which gives more control over widget upcasting order to the widget author.
#12036: Initialize the editor in read-only mode when the <textarea>
element has a readonly
attribute.
#11905: The resize
event passes the current dimensions in its data.
#12126: Introduced config.image_prefillDimensions
and config.image2_prefillDimensions
to make pre-filling width
and height
configurable for the Enhanced Image.
#12746: Added a new configuration option to hide the Enhanced Image resizer.
#12150: Exposed the getNestedEditable()
and is*
widget helper functions (see the static methods).
#12448: Introduced the editable.insertHtmlIntoRange
method.
#12143: Added the config.floatSpacePreferRight
configuration option that switches the alignment of the floating toolbar. Thanks to InvisibleBacon!
#10986: Added support for changing dialog input and textarea text directions by using the Shift+Alt+Home/End keystrokes. The direction is stored in the value of the input by prepending the \u202A
or \u202B
marker to it. Read more in the documentation. Thanks to edithkk!
#12770: Added support for passing widget's startup data as a widget command's argument. Thanks to Rebrov Boris and Tieme van Veen!
#11583: Added support for the HTML5 required
attribute in various form elements. Thanks to Steven Busse!
Changes:
config.mathJaxLibrary
option does not default to the MathJax CDN any more. It needs to be configured to enable the Mathematical Formulas plugin now.editable.insertHtml()
and editable.insertElement()
when the range
parameter is used. Now, the editor.insertElement()
method works on a higher level, which means that it saves undo snapshots and sets the selection after insertion. Use the editable.insertElementIntoRange()
method directly for the pre 4.5 behavior of editable.insertElement()
.editor.showNotification()
instead of alert()
directly whenever possible. When the Notification plugin is loaded, the notification system is used automatically. Otherwise, the native alert()
is displayed.dom.element.addClass()
, dom.element.removeClass()
and dom.element.hasClass()
methods. Note: The previous implementation allowed passing multiple classes to addClass()
although it was only a side effect of that implementation. The new implementation does not allow this.Fixed issues:
range.cloneContents()
should not change the DOM in order not to affect selection.dom.element.getChild()
should not modify a passed array.<br />
filler is placed in the wrong position by the range.fixBlock()
method due to quirky Firefox behavior.Security Updates:
Fixed XSS vulnerability in the HTML parser reported by Dheeraj Joshi and Prem Kumar.
Issue summary: It was possible to execute XSS inside CKEditor after persuading the victim to: (i) switch CKEditor to source mode, then (ii) paste a specially crafted HTML code, prepared by the attacker, into the opened CKEditor source area, and (iii) switch back to WYSIWYG mode.
An upgrade is highly recommended!
Fixed Issues:
CKEDITOR.dom.text
is incorrect. Thanks to Ben Kiefer!/>
. Thanks to Віталій Крутько!CKEDITOR.ui.dialog.radio
validation to not work. Thanks to Florian Ludwig!element.appendText()
method does not work properly for empty elements.foo:href
attributes.<li>
elements. Thanks to Andrew Stucki!editor.getData()
parameter documentation.<iframe>
.<body>
has a margin.Other Changes:
0.2.3
.truncated-mathjax/
is now removed from the tests/
directory. Now bender.config.mathJaxLibPath
must be configured manually in order to run Mathematical Formulas plugin tests.Fixed Issues:
config.tabSpaces
configuration option value was greater than zero.table-layout
CSS property should be reset by skins. Thanks to vita10gy!iframe
. Thanks to Vitaliy Zurian!config.fillEmptyBlocks
should only apply when outputting data.chameleon
property defined and config.uiColor
is defined.Security Updates:
Fixed XSS vulnerability in the HTML parser reported by Maco Cortes.
Issue summary: It was possible to execute XSS inside CKEditor after persuading the victim to: (i) switch CKEditor to source mode, then (ii) paste a specially crafted HTML code, prepared by the attacker, into the opened CKEditor source area, and (iii) switch back to WYSIWYG mode.
An upgrade is highly recommended!
New Features:
<main>
element to the CKEDITOR.dtd
.Fixed Issues:
user-select: none
style. Thanks to shaohua!editor.blur
event is not fired on first blur after initializing the inline editor on an already focused element.editor.change
event fired on first navigation key press after typing.config.magicline_putEverywhere
name used for a Magic Line all-encompassing config.magicline_everywhere
configuration option.New Features:
node.getAscendant()
.Fixed Issues:
CKEDITOR_GETURL
is not used with some plugins where it should be used. Thanks to Thomas Andraschko!<base>
tag is not created when <head>
has an attribute. Thanks to naoki.fujikawa!config.autoParagraph
as deprecated.<cite>
elements.CKEDITOR.filter.instances
on editor destroy.document.title
which breaks updating title in the full HTML mode.Fixed Issues:
keypress
listeners should not be used in the undo manager. A complete rewrite of keyboard handling in the undo manager was made. Numerous smaller issues were fixed, among others:
editor.change
event.editor.change
event is fired when pressing Arrow keys.UndoManager.locked
property violate strict mode in the Undo plugin.paste
event is not fired when pasting with Shift+Ins.document.activeElement
.<body>
in Compatibility Mode will no longer reset selection to the first line.config.title
.Other Changes:
benderjs-ckeditor
into the main CKEditor repository.Security Updates:
An upgrade is highly recommended!
New Features:
Fixed Issues:
width
and height
styles even when they are not allowed.config.disableObjectResizing
does not work on IE. Note: We were not able to fix this issue on IE11+ because necessary events stopped working. See a last resort workaround and make sure to support our complaint to Microsoft.<meta>
tags should be allowed everywhere, including inside the <body>
element.config.fillEmptyBlocks
not working properly if a function is specified.Important Notes:
tests/
directory which contains editor tests is not available in release packages. It can only be found in the development version of CKEditor on GitHub.New Features:
editor.setData()
method from recording undo snapshots.Fixed Issues:
widget.repository.getByElement()
method was improved.editor.setData()
and nestedEditable.setData()
.<span>
elements created when joining adjacent elements (non-collapsed selection).role="radiogroup"
should be applied only to radio inputs' container.element.setText()
method should not trigger the layout engine.allowFullScreen
parameter in the editor data if set to true
.config.baseHref
into account when updating image dimensions.checkDirty()
method value after focusing or blurring a widget./dev/builder/build.sh
script.IndexSizeError
thrown when pasting into a non-empty selection anchored in one text node.New Features:
Fixed Issues:
dir
attribute for a preloaded language in CKEDITOR.lang. Thanks to Akash Mohapatra!<code>
element.<title>
element.editor.insertElement()
throwing an exception when there was no selection in the editor.element.addClass()
chainable symmetrically to element.removeClass()
.contenteditable
attribute set to true
.contenteditable
attribute set to false
are not downcasted properly.Other Changes:
attribute.specified
in all browsers except Internet Explorer.<pre>
to 4 spaces.Important Notes:
editor.beforePaste
event as deprecated.image
(was: caption
). Please note that once edited in CKEditor 4.4+, all existing images of the caption
class (<figure class="caption">
) will be filtered out unless the config.image2_captionedClass
option is set to caption
. For backward compatibility (i.e. when upgrading), it is highly recommended to use this setting, which also helps prevent CSS conflicts, etc. This does not apply to new CKEditor integrations.allowedContent
and requiredContent
properties for it manually, because the editor will not be able to find them.CKEDITOR.style
methods to ensure full compatibility with other features (e.g. applying styles to widgets requires that). We ensured backward compatibility though, so the CKEDITOR.style
will work even when the editor instance is not provided.New Features:
type
and widget
. Read more in the Widget Styles section of the "Syles Drop-down" guide. Note that by default, widgets support only classes and no other attributes or styles. Related changes and features:
CKEDITOR.style.addCustomHandler()
method for registering custom style handlers.CKEDITOR.style.apply()
and CKEDITOR.style.remove()
methods are now called with an editor instance instead of the document so they can be reused by the CKEDITOR.editor.applyStyle()
and CKEDITOR.editor.removeStyle()
methods. Backward compatibility was preserved, but from CKEditor 4.4 it is highly recommended to pass an editor instead of a document to these methods.widget.definition.styleableElements
, widget.definition.styleToAllowedContentRule
, widget.addClass()
, widget.removeClass()
, widget.getClasses()
, widget.hasClass()
, widget.applyStyle()
, widget.removeStyle()
, widget.checkStyleActive()
.CKEDITOR.style.toAllowedContent()
method which can be implemented by the custom style handler and if exists, it is used by the CKEDITOR.filter
to translate a style to allowed content rules.config.image2_captionedClass
option to configure the class of captioned images.config.image2_alignClasses
option to configure the way images are aligned with CSS classes.
If this setting is defined, the editor produces classes instead of inline styles for aligned images.editor.lang.image2.captionPlaceholder
string.filter.addElementCallback()
).editor.addContentsCss()
method that can be used for adding custom CSS files.CKEDITOR.tools.htmlDecode()
method for decoding HTML entities.CKEDITOR.tools.transparentImageData
property which contains transparent image data to be used in CSS or as image source.Other Changes:
editable.status
property.forceUpdate
option for the editor.lockSnapshot
event.Fixed Issues:
editor.removeStyle()
should result in a paragraph and not a div.New Features:
Fixed Issues:
Fixed Issues:
<span>
elements.element.renameNode()
not clearing the element.getName()
cache.{cke_protected_1}
appearing in data in various cases where HTML comments are placed next to "
or '
.Fixed Issues:
selection.removeAllRanges()
is now scoped to selection's root.editor.checkDirty()
method.editor.execCommand()
behavior.widget.doubleclick
event is not canceled anymore after editing was triggered.htmlDataProcessor
discovering protected attributes within other attributes' values.domObject.removeAllListeners()
method does not remove custom listeners completely.selection.getRanges()
method does not override cached ranges when used with the onlyEditables
argument.config.fullPage
is set to true
, entities are not encoded in editor output.Fixed Issues:
aria-pressed
attribute.CKEDITOR.template
improvements:
config.contentsCss
is affected by CKEDITOR.getUrl()
.widgets.repository.addUpcastCallback()
method that allows to block upcasting given element to a widget.line-height
to unitless values to avoid huge text overlapping (like in #9696).div
-based editor.<div>
element with text-align: center
and an image inside is not recognised correctly.Important Notes:
language
button is now Language
(#11201).Fixed Issues:
widget.repository.checkWidgets()
method now fires the widget.repository.checkWidgets
event, so from CKEditor 4.3.1 it is preferred to use the method rather than fire the event.editor.insertElement()
and editor.insertText()
methods do not call the widget.repository.checkWidgets()
method.env.quirks
for more details.figure
and figcaption
styles to the contents.css
file so Enhanced Image looks nicer.editor.insertElement()
method does not insert the element into every range of a selection any more.editor.applyStyle()
method removes attributes from nested elements.editor.destroy()
does not cleanup content generated by the Table Resize plugin for inline editors.<textarea>
element are not encoded.New Features:
draggable
option to disable drag and drop support for widgets.config.dialog_noConfirmCancel
configuration option that eliminates the need to confirm closing of a dialog window when the user changed any of its fields.Fixed Issues:
image2inline
and image2block
into one image2
widget.paste
command is no longer being disabled when the clipboard is empty.<br>
to <body>
, so it is stripped by the HTML data processor.contentDomInvalidated
event.range#moveToPoint
method.<body>
.New Features:
editor.enterMode
and editor.shiftEnterMode
properties – normalized versions of config.enterMode
and config.shiftEnterMode
.editor.setActiveEnterMode()
method, editor.activeEnterModeChange
event, and two properties: editor.activeEnterMode
and editor.activeShiftEnterMode
.editor.setActiveFilter()
method, editor.activeFilterChange
event, and editor.activeFilter
property.selection.fake()
method.htmlParser.filter
rules are not applied to non-editable elements (elements with contenteditable
attribute set to false
and their descendants) anymore. To add a rule which will be applied to all elements you need to pass an additional argument to the filter.addRules()
method.Fixed Issues:
Fixed Issues:
CKEDITOR.plugins.addExternal()
not handling paths including file name specified.CKEDITOR.tools.isArray()
not working cross frame.range.createBookmark2()
incorrectly normalizing offsets. This bug was causing many issues: #10850, #10842.Fixed Issues:
dir
) from main language file to core.onbeforeunload
event in the popup dialog.Important Notes:
Dropped compatibility support for Internet Explorer 7 and Firefox 3.6.
Both the Basic and the Standard distribution packages will not contain the new Indent Block plugin. Because of this the Advanced Content Filter might remove block indentations from existing contents. If you want to prevent this, either add an appropriate ACF rule to your filter or create a custom build based on the Basic/Standard package and add the Indent Block plugin in CKBuilder.
New Features:
config.title
setting to change the human-readable title of the editor.editor.change
event.required
attributes on <textarea>
elements — introduced editor.required
event.<textarea>
elements with the inline editor.Fixed Issues:
editor.setData()
.New Features:
Fixed Issues:
config.shiftEnterMode
.CKEDITOR.dialog.addIframe()
incorrectly sets the iframe size in dialog windows.New Features:
Fixed Issues:
editable.insertText()
loses characters when RegExp
replace controls are being inserted.document.domain
has been altered.keystrokeHandler.blockedKeystrokes
when calling editor.setReadOnly()
.config.customConfig
files.config.enterMode
is CKEDITOR.ENTER_BR
.role="application"
should not be used for dialog windows.role="application"
should not be used for floating panels.New Features:
Fixed Issues:
mouseup
event.<textarea>
should not be modified by the htmlDataProcessor
.tabSpaces
. Unified data-cke-*
attributes filtering.keydown
in specific cases.undoManager.update()
does not refresh the command state.<s>
using Remove Format.Fixed Issues:
filter.allowedContent
property always contains rules in the same format.<a>
elements anymore.align
attribute to float
style to preserve backward compatibility after the introduction of Advanced Content Filter.config.justifyClasses
is defined.New Features:
Brand new data filtering system that works in 2 modes:
config.allowedContent
rules - the data
will be filtered and the editor features (toolbar items, commands, keystrokes) will be enabled if they are allowed.See the datafiltering.html
sample, guides and CKEDITOR.filter
API documentation.
contentPreview
event for preview data manipulation.toHtml
and toDataFormat
, allowing for better integration with data processing.htmlParser.fragment
, htmlParser.element
etc. by many htmlParser.filter
s before writing structure to an HTML string.editor.status
property to make it easier to check the current status of the editor.command
state is now CKEDITOR.TRISTATE_DISABLE
. It will be activated on editor.instanceReady
or immediately after being added if the editor is already initialized.<s>
as a default tag for strikethrough, which replaces obsolete <strike>
in HTML5.Fixed Issues:
editor.destroy()
.Fixed Issues:
CKEDITOR.getUrl()
with CKEDITOR_GETURL
.stylesSet.add()
are displayed in the wrong order.editor.readOnly
is set.editor.getData()
if set via the Document Properties dialog window.selectionChange
event is not fired when mouse selection ended outside editable.editor.checkDirty()
returns true
when called onload. Removed the obsolete editor.mayBeDirty
flag.Fixed Issues:
Fixed Issues:
box-sizing
style should not influence the editor UI elements.tel
, email
, search
and url
input types.<div>
element stay permanently even after the user exits editing the <div>
.border-width
style is specified.<pre>
elements.onChange
is not fired for checkboxes in dialogs.editor.addRemoveFormatFilter()
is exposed before it really works.pasteFromWordCleanupFile
configuration option is now taken from the instance configuration.The first stable release of the new CKEditor 4 code line.
The CKEditor JavaScript API has been kept compatible with CKEditor 4, whenever possible. The list of relevant changes can be found in the API Changes page of the CKEditor 4 documentation.