Hidden HTML tags showing in Rich Text Editor

Certified Lead Developer

I am trying to show HTML data in rich text editor but the html we are receiving from api has some hidden tags with visibility: hidden.

I know that hidden items still take up space in the layout but the content is hidden. Rich text editor is not hiding those elements or tags. The data and elements inside those hidden tags are still visible in editor.

Any possible way to resolve this? Also, how to make rich text editor open hyperlinks in another tab rather than in same editor window?

  Discussion posts and replies are publicly visible

  • 0
    Certified Lead Developer

    I would suggest simply replacing the problematic tags in the value/saveInto using the substitute function.

    You can make a HTML link open in a new tab by adding the target=”_blank” attribute. You should insert this after the link address. You'd need to parse the links and add that attribute in the HTML tag.

  • I agree with Mathieu and I want to provide more context.  The Rich Text Editor sanitizes rich text input that it passed into it to protect against malicious HTML (such as embedded XSS or XSRF attacks).  It only allows markup that matches the features it support.  So I suspect that is why tags with visibility:hidden are showing up, because the Rich Text Editor doesn't support that inline styling and is removing it.  That styling isn't malicious, but it's getting caught by the security features of the Rich Text Editor.

    I believe the Rich Text Editor adds the _blank target already.  When I inspect the generated markup for a link, I see:

    <div><a href="">https://google.com" rel="noopener noreferrer" target="_blank">This is a link</a></div>