-
- 834 Posts
Lately if I try to save any JS code either as part of content or a chunk Revo won't save it.
EG
<a href="javascript:location='mailto:\u0074\u0061\u006c\u006b\u0040\u006d\u0061\u006b\u0065\u0074\u0068\u0065\u006d\u0063\u006c\u0069\u0063\u006b\u002e\u0063\u006f\u006d\u002e\u0061\u0075';void 0">
And it's not that particular code either. It seems to be any JS, as well as any third party embed code such as videos.
I used to be able to save such code with no problem.
Anyone got any ideas as to what's going on?
Thanks
Content Creator and Copywriter
It sounds as if your hosting has made changes to suhosin or mod_security.
-
- 834 Posts
Hmm,
More info
doesn't happen with all script, but it does happen with about half.
It's also happening with forms code.
I shall investigate further.
Content Creator and Copywriter
Are these edited with a Rich-Text editor, or plain-text in the textarea fields?
-
- 834 Posts
Quote from: sottwell at Jun 20, 2014, 02:46 AMAre these edited with a Rich-Text editor, or plain-text in the textarea fields?
Plain text - no wysiwyg installed.
Content Creator and Copywriter
Definitely sounds like overly strict server security. Unless browsers themselves have started blocking POST submissions - I've been waiting for that to happen. Or possibly you or someone on a network where you work has installed or updated a proxy or firewall?
-
- 834 Posts
There's just some code that it doesn't like. Here's another example fo what it won't save as content
<div style="overflow: hidden; color: #000000; background-color: #ffffff; text-align: left; text-decoration: none;"> </div>
Content Creator and Copywriter
-
- 24,544 Posts
-
- 834 Posts
Quote from: BobRay at Jun 20, 2014, 08:49 PMMy money would be on mod_security as Susan suggested. http://wiki.modxcms.com/index.php/What_is_mod_security_and_how_does_it_affect_me
Bob,
yeh I tried all of that before and I just got server error, although that could be me not understanding how to correctly write the code.
I tried
SecFilterEngine On
SecFilterSelective "REQUEST_URI" "/manager/index.php" "allow,nolog"
I also tried the full url, as well as with and without the index.
Plus I worked my way thru all of the suggestions on the page, but as I said, I probably did something wrong. I'm just monkey see monkey do when it comes to this sort of code.
Thanks
Content Creator and Copywriter
It's probably more that the configuration doesn't allow changing the settings in .htaccess files. Those only work sometimes.
You can usually work around the problem of Javascript by using "unobtrusive" javascript, which mostly just means having everything in a .js file. And inline CSS is replaced with a classname, and the CSS directives in the .css file instead of inline.