Embed JavaScript code in RadEditor
Environment
| Product | RadEditor for ASP.NET AJAX |
Description
What is the best way to insert (embed) JavaScript code in HTML mode of the Telerik Editor control? Learn the answer in the Solution section below.
Solution
By default, RadEditor strips the script tags to prevent script code execution and XSS.
There are two content filters responsible for the script encoding and removal:
- RemoveScripts: this filter removes script tags from the editor content. Disable the filter if you want to insert script tags in the content. You can examine more details about this filter in the Preventing Cross-site Scripting (XSS) article.
- EncodeScripts: this filter encodes all script tags from the content. You can examine more details about this filter in the Preventing Cross-site Scripting (XSS) article.
You can disable one or both of them with the following C# code:
RadEditor1.DisableFilter(Telerik.Web.UI.EditorFilters.EncodeScripts));
RadEditor1.DisableFilter(Telerik.Web.UI.EditorFilters.RemoveScripts));
RadEditor1.DisableFilter(Telerik.Web.UI.EditorFilters.EncodeScripts))
RadEditor1.DisableFilter(Telerik.Web.UI.EditorFilters.RemoveScripts))