how to prevent tinymce from stripping the 'style' attribute from input element?

Question

I have been reading the official docs and blog posts and SO for hours, certain somewhere the answer would be posted already.. but no luck.

It seems that no amount

Answer 1

This fiddle shows that your configuration of tinymce is absolutely perfect: Style-attribute is allowed for all elements, it does not get stripped out.

Answer 2

As Thariama pointed out, tinymce was not at fault.. but it was my lack of knowing what all CodeIgniter's $config['global_xss_filtering'] = TRUE; was doing. If you find you are experiencing the same issue, here is how I addressed it; please see here: Codeigniter - Disable XSS filtering on a post basis .

Answer 3

you can try with an ajax request, like this

$("#submit").click(function(e) {
    ie8SafePreventEvent(e);
    var form_data = $("#form").serialize();
    var content = $.base64.encode(tinyMCE.activeEditor.getContent());
    $.ajax({
        type: "POST",
        url: "/your/post/processor",
        data: form_data + "&coded_content=" + content,
        success: function(return_msg){
            do_something
            },
        error: function(){
            alert("Sorry, we got an error, try later");
            }
        });
    });

Obviously in your controller you have to base64decode...

Answer 4

I am also using CodeIgniter and while I did set $config['global_xss_filtering'] = false; I still had the issue with the style attribute. So if none of the solutions worked for you, you can try encoding the tinyMCE data in base64 on submit and place it in a hidden field using Javascript:

$('#hiddenField').val(window.btoa(tinyMCE.get('tinyMCEtextareaID').getContent()));

This way you retain the original string and it can be easily decoded in PHP using:

$htmlstring = base64_decode($_POST['hiddenField']);