Eric Bourland
asked on
disabled "Global Script Protection" in CF Administrator to allow OBJECT and EMBED tags; is there another way to allow these tags?
ColdFusion Version 9.0.1
Latest hotfixes applied.
In brief:
In ColdFusion Administrator I turned off (unchecked) "Enable Global Script Protection". I know it is not safe to disable Global Script Protection. Is there a way to enable Global Script Protection but tell ColdFusion to permit EMBED and OBJECT tags?
Details:
Why did I disable Global Script Protection? Because I use the TinyMCE javascript WYSIWYG editor, and when I try to embed these tags: OBJECT; EMBED, then ColdFusion automatically removes them and replaces them with "InvalidTag". This problem is documented on Ray Camden's blog:
http://www.coldfusionjedi.com/index.cfm/2007/1/5/Where-the-heck-is-InvalidTag-coming-from
So, I need to figure out a way to enable Global Script Protection, yet tell ColdFusion to permit EMBED and OBJECT tags. Can I add a line to application.cfc to achieve this? Thank you for any advice.
Eric
Latest hotfixes applied.
In brief:
In ColdFusion Administrator I turned off (unchecked) "Enable Global Script Protection". I know it is not safe to disable Global Script Protection. Is there a way to enable Global Script Protection but tell ColdFusion to permit EMBED and OBJECT tags?
Details:
Why did I disable Global Script Protection? Because I use the TinyMCE javascript WYSIWYG editor, and when I try to embed these tags: OBJECT; EMBED, then ColdFusion automatically removes them and replaces them with "InvalidTag". This problem is documented on Ray Camden's blog:
http://www.coldfusionjedi.com/index.cfm/2007/1/5/Where-the-heck-is-InvalidTag-coming-from
So, I need to figure out a way to enable Global Script Protection, yet tell ColdFusion to permit EMBED and OBJECT tags. Can I add a line to application.cfc to achieve this? Thank you for any advice.
Eric
The comments in the link suggest adding: scriptProtect = "No" would work.
ASKER
>>>scriptProtect = "No"
I saw that too ... but am not sure where to enter that parameter.
I saw this:
<cfapplication name="#prefix#_blog_#blogn ame#" sessionManagement="true" loginStorage="session" scriptprotect="none">
but I do not use the cfapplication tag.
Would it go in application.cfc?
I saw that too ... but am not sure where to enter that parameter.
I saw this:
<cfapplication name="#prefix#_blog_#blogn
but I do not use the cfapplication tag.
Would it go in application.cfc?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
This worked like a charm.
Holy bananas. I was working on that problem for weeks. In the process I did a great deal about the very useful TinyMCE editor.
Thank you as always, _agx_. =)
E
Holy bananas. I was working on that problem for weeks. In the process I did a great deal about the very useful TinyMCE editor.
Thank you as always, _agx_. =)
E
ASKER
Thank you as always, _agx_.
Welcome :)