/*\r
-Copyright (c) 2003-2011, CKSource - Frederico Knabben. All rights reserved.\r
+Copyright (c) 2003-2013, CKSource - Frederico Knabben. All rights reserved.\r
For licensing, see LICENSE.html or http://ckeditor.com/license\r
*/\r
\r
return last;\r
}\r
\r
+ function getNodeIndex( node ) {\r
+ var parent = node.parent;\r
+ return parent ? CKEDITOR.tools.indexOf( parent.children, node ) : -1;\r
+ }\r
+\r
function trimFillers( block, fromSource )\r
{\r
// If the current node is a block, and if we're converting from source or\r
typeof extendEmptyBlock == 'function' && ( extendEmptyBlock( block ) === false ) ) )\r
return false;\r
\r
- // 1. For IE version >=8, empty blocks are displayed correctly themself in wysiwiyg;\r
- // 2. For the rest, at least table cell and list item need no filler space.\r
- // (#6248)\r
- if ( fromSource && CKEDITOR.env.ie &&\r
- ( document.documentMode > 7\r
- || block.name in CKEDITOR.dtd.tr\r
- || block.name in CKEDITOR.dtd.$listItem ) )\r
- return false;\r
+ // 1. For IE version >=8, empty blocks are displayed correctly themself in wysiwiyg;\r
+ // 2. For the rest, at least table cell and list item need no filler space.\r
+ // (#6248)\r
+ if ( fromSource && CKEDITOR.env.ie &&\r
+ ( document.documentMode > 7\r
+ || block.name in CKEDITOR.dtd.tr\r
+ || block.name in CKEDITOR.dtd.$listItem ) )\r
+ return false;\r
\r
var lastChild = lastNoneSpaceChild( block );\r
\r
\r
var dtd = CKEDITOR.dtd;\r
\r
+ // Define orders of table elements.\r
+ var tableOrder = [ 'caption', 'colgroup', 'col', 'thead', 'tfoot', 'tbody' ];\r
+\r
// Find out the list of block-like tags that can contain <br>.\r
var blockLikeTags = CKEDITOR.tools.extend( {}, dtd.$block, dtd.$listItem, dtd.$tableContent );\r
for ( var i in blockLikeTags )\r
delete blockLikeTags.pre;\r
var defaultDataFilterRules =\r
{\r
- elements : {\r
- a : function( element )\r
- {\r
- var attrs = element.attributes;\r
- if ( attrs && attrs[ 'data-cke-saved-name' ] )\r
- attrs[ 'class' ] = ( attrs[ 'class' ] ? attrs[ 'class' ] + ' ' : '' ) + 'cke_anchor';\r
- }\r
- },\r
+ elements : {},\r
attributeNames :\r
[\r
// Event attributes (onXYZ) must not be directly set. They can become\r
return element;\r
},\r
\r
+ // The contents of table should be in correct order (#4809).\r
+ table : function( element )\r
+ {\r
+ // Clone the array as it would become empty during the sort call.\r
+ var children = element.children.slice( 0 );\r
+ children.sort( function ( node1, node2 )\r
+ {\r
+ var index1, index2;\r
+\r
+ // Compare in the predefined order.\r
+ if ( node1.type == CKEDITOR.NODE_ELEMENT &&\r
+ node2.type == node1.type )\r
+ {\r
+ index1 = CKEDITOR.tools.indexOf( tableOrder, node1.name );\r
+ index2 = CKEDITOR.tools.indexOf( tableOrder, node2.name );\r
+ }\r
+\r
+ // Make sure the sort is stable, if no order can be established above.\r
+ if ( !( index1 > -1 && index2 > -1 && index1 != index2 ) )\r
+ {\r
+ index1 = getNodeIndex( node1 );\r
+ index2 = getNodeIndex( node2 );\r
+ }\r
+\r
+ return index1 > index2 ? 1 : -1;\r
+ } );\r
+ },\r
+\r
embed : function( element )\r
{\r
var parent = element.parent;\r
// Remove all class names starting with "cke_".\r
return CKEDITOR.tools.ltrim( value.replace( /(?:^|\s+)cke_[^\s]*/g, '' ) ) || false;\r
}\r
- },\r
-\r
- comment : function( contents )\r
- {\r
- // If this is a comment for protected source.\r
- if ( contents.substr( 0, protectedSourceMarker.length ) == protectedSourceMarker )\r
- {\r
- // Remove the extra marker for real comments from it.\r
- if ( contents.substr( protectedSourceMarker.length, 3 ) == '{C}' )\r
- contents = contents.substr( protectedSourceMarker.length + 3 );\r
- else\r
- contents = contents.substr( protectedSourceMarker.length );\r
-\r
- return new CKEDITOR.htmlParser.cdata( decodeURIComponent( contents ) );\r
- }\r
-\r
- return contents;\r
}\r
};\r
\r
defaultHtmlFilterRules.elements[ i ] = unprotectReadyOnly;\r
}\r
\r
- var protectElementRegex = /<(a|area|img|input)\b([^>]*)>/gi,\r
- protectAttributeRegex = /\b(href|src|name)\s*=\s*(?:(?:"[^"]*")|(?:'[^']*')|(?:[^ "'>]+))/gi;\r
+ var protectElementRegex = /<(a|area|img|input|source)\b([^>]*)>/gi,\r
+ protectAttributeRegex = /\b(on\w+|href|src|name)\s*=\s*(?:(?:"[^"]*")|(?:'[^']*')|(?:[^ "'>]+))/gi;\r
\r
var protectElementsRegex = /(?:<style(?=[ >])[^>]*>[\s\S]*<\/style>)|(?:<(:?link|meta|base)[^>]*>)/gi,\r
encodedElementsRegex = /<cke:encoded>([^<]*)<\/cke:encoded>/gi;\r
{\r
return '<' + tag + attributes.replace( protectAttributeRegex, function( fullAttr, attrName )\r
{\r
+ // Avoid corrupting the inline event attributes (#7243).\r
// We should not rewrite the existed protected attributes, e.g. clipboard content from editor. (#5218)\r
- if ( attributes.indexOf( 'data-cke-saved-' + attrName ) == -1 )\r
- return ' data-cke-saved-' + fullAttr + ' ' + fullAttr;\r
+ if ( !( /^on/ ).test( attrName ) && attributes.indexOf( 'data-cke-saved-' + attrName ) == -1 )\r
+ return ' data-cke-saved-' + fullAttr + ' data-cke-' + CKEDITOR.rnd + '-' + fullAttr;\r
\r
return fullAttr;\r
}) + '>';\r
});\r
}\r
\r
- function protectSource( data, protectRegexes )\r
+ function unprotectSource( html, editor )\r
+ {\r
+ var store = editor._.dataStore;\r
+\r
+ return html.replace( /<!--\{cke_protected\}([\s\S]+?)-->/g, function( match, data )\r
+ {\r
+ return decodeURIComponent( data );\r
+ }).replace( /\{cke_protected_(\d+)\}/g, function( match, id )\r
+ {\r
+ return store && store[ id ] || '';\r
+ });\r
+ }\r
+\r
+ function protectSource( data, editor )\r
{\r
var protectedHtml = [],\r
+ protectRegexes = editor.config.protectedSource,\r
+ store = editor._.dataStore || ( editor._.dataStore = { id : 1 } ),\r
tempRegex = /<\!--\{cke_temp(comment)?\}(\d*?)-->/g;\r
\r
var regexes =\r
return protectedHtml[ id ];\r
}\r
);\r
- return '<!--{cke_temp}' + ( protectedHtml.push( match ) - 1 ) + '-->';\r
+\r
+ // Avoid protecting over protected, e.g. /\{.*?\}/\r
+ return ( /cke_temp(comment)?/ ).test( match ) ? match\r
+ : '<!--{cke_temp}' + ( protectedHtml.push( match ) - 1 ) + '-->';\r
});\r
}\r
data = data.replace( tempRegex, function( $, isComment, id )\r
'-->';\r
}\r
);\r
- return data;\r
+\r
+ // Different protection pattern is used for those that\r
+ // live in attributes to avoid from being HTML encoded.\r
+ return data.replace( /(['"]).*?\1/g, function ( match )\r
+ {\r
+ return match.replace( /<!--\{cke_protected\}([\s\S]+?)-->/g, function( match, data )\r
+ {\r
+ store[ store.id ] = decodeURIComponent( data );\r
+ return '{cke_protected_'+ ( store.id++ ) + '}';\r
+ });\r
+ });\r
}\r
\r
CKEDITOR.plugins.add( 'htmldataprocessor',\r
// The source data is already HTML, but we need to clean\r
// it up and apply the filter.\r
\r
- data = protectSource( data, this.editor.config.protectedSource );\r
+ data = protectSource( data, this.editor );\r
\r
// Before anything, we must protect the URL attributes as the\r
// browser may changing them when setting the innerHTML later in\r
// Call the browser to help us fixing a possibly invalid HTML\r
// structure.\r
var div = new CKEDITOR.dom.element( 'div' );\r
+\r
// Add fake character to workaround IE comments bug. (#3801)\r
div.setHtml( 'a' + data );\r
data = div.getHtml().substr( 1 );\r
\r
+ // Restore shortly protected attribute names.\r
+ data = data.replace( new RegExp( ' data-cke-' + CKEDITOR.rnd + '-', 'ig' ), ' ' );\r
+\r
// Unprotect "some" of the protected elements at this point.\r
data = unprotectElementNames( data );\r
\r
\r
fragment.writeHtml( writer, this.htmlFilter );\r
\r
- return writer.getHtml( true );\r
+ var data = writer.getHtml( true );\r
+\r
+ // Restore those non-HTML protected source. (#4475,#4880)\r
+ data = unprotectRealComments( data );\r
+ data = unprotectSource( data, this.editor );\r
+\r
+ return data;\r
}\r
};\r
})();\r