V 3.17.2 & Iframe
- LRAM
- Legend Bludit
- Posts: 244
- Joined: Sat Sep 24, 2016 4:02 pm
- Location: France
- Has thanked: 53 times
- Been thanked: 9 times
- Contact:
With this new version, it is impossible to use iframes. Bludit systematically adds a sandbox that blocks their display.
I made the mistake of saving a page that contained a working iframe, and it was automatically blocked.
an Iframe with youtube or spotify or amazon music works
not with deezer, not with a file on my own website
I made the mistake of saving a page that contained a working iframe, and it was automatically blocked.
an Iframe with youtube or spotify or amazon music works
not with deezer, not with a file on my own website
https://sucrepop.com
Candies for the ears
Candies for the ears
- indocreativemedia
- Ssr. Bludit
- Posts: 14
- Joined: Sun Sep 24, 2023 5:09 am
- Location: Indonesia
- Been thanked: 2 times
- Contact:
Hi,
I can insert iframe without problem on my localhost, as well as here:
https://www.softaculous.com/demos/Bludit
I can insert iframe without problem on my localhost, as well as here:
https://www.softaculous.com/demos/Bludit
- LRAM
- Legend Bludit
- Posts: 244
- Joined: Sat Sep 24, 2016 4:02 pm
- Location: France
- Has thanked: 53 times
- Been thanked: 9 times
- Contact:
Hi, thank for answering
I create a page on your demo
I added this code
once saved, the code is modified with sandbox=""
and the frame is blocked
I create a page on your demo
I added this code
Code: Select all
<iframe title="deezer-widget" src="https://widget.deezer.com/widget/dark/album/737776821" width="100%" height="300" frameborder="0" allowtransparency="true" allow="encrypted-media; clipboard-write"></iframe>Code: Select all
<p><iframe title="deezer-widget" src="https://widget.deezer.com/widget/dark/album/737776821" width="100%" height="300" frameborder="0" allowtransparency="true" allow="encrypted-media; clipboard-write" sandbox=""></iframe></p>https://sucrepop.com
Candies for the ears
Candies for the ears
- indocreativemedia
- Ssr. Bludit
- Posts: 14
- Joined: Sun Sep 24, 2023 5:09 am
- Location: Indonesia
- Been thanked: 2 times
- Contact:
When the iframe contains a "normal" webpage, then there will be no problem.
But when TinyMCE detects an iframe that:
* Looks like a media/embed provider
* Requires script execution
it treats it as "active" embedded content.
TinyMCE applies stricter handling to “active” third-party embeds because they:
* execute scripts
* may interact with user clipboard
* request media playback
* sometimes use postMessage APIs
So TinyMCE auto-injects: sandbox="", which means: deny all capabilities.
To allow deezer widget, you need to tweak tinymce plugin:
/bl-plugins/tinymce/plugin.php
Look for tinymce.init and then add this line:
and then add the sandbox into your iframe:
I haven't test this but worth to try, wish this works.
But when TinyMCE detects an iframe that:
* Looks like a media/embed provider
* Requires script execution
it treats it as "active" embedded content.
TinyMCE applies stricter handling to “active” third-party embeds because they:
* execute scripts
* may interact with user clipboard
* request media playback
* sometimes use postMessage APIs
So TinyMCE auto-injects: sandbox="", which means: deny all capabilities.
To allow deezer widget, you need to tweak tinymce plugin:
/bl-plugins/tinymce/plugin.php
Look for tinymce.init and then add this line:
Code: Select all
tinymce.init({
~~blablabla~~: '~~blublublu~~',
extended_valid_elements: 'iframe[src|width|height|allow|allowfullscreen|frameborder|class|sandbox]',
});Code: Select all
<iframe title="deezer-widget" src="https://widget.deezer.com/widget/dark/album/737776821" width="100%" height="300" frameborder="0" allowtransparency="true" allow="encrypted-media; clipboard-write" sandbox="allow-scripts allow-same-origin allow-presentation" sandbox="allow-scripts allow-same-origin allow-presentation"></iframe>
