tonydspaniard
commented
8 years ago @techie42 do you have time for a quick PR? I'll review it whenever i have time. Thanks
Closed techie42 closed 8 years ago
tonydspaniard
commented
8 years ago @techie42 do you have time for a quick PR? I'll review it whenever i have time. Thanks
techie42
commented
8 years ago Sorry it's taken so long ... but finally done :) Thanks for your patience.
In CKEditor.php, if we define filebrowserImageUploadUrl (instead of filebrowserUploadUrl), then the CSRF is never added to the upload data.
In the CKEditor docs, filebrowserUploadUrl defines a generic upload routine and filebrowserImageUploadUrl defines a specific image upload routine.
I would suggest the code is modified as follows (around line 68 of CKEditor.php):
Original:
if (isset($this->clientOptions['filebrowserUploadUrl'])) { $js[] = "dosamigos.ckEditorWidget.registerCsrfImageUploadHandler();"; }Revision:
if (isset($this->clientOptions['filebrowserUploadUrl']) || isset($this->clientOptions['filebrowserImageUploadUrl'])) { $js[] = "dosamigos.ckEditorWidget.registerCsrfImageUploadHandler();"; }This solves the issue and specific image uploads occur normally.Also, CKEditorInline.php would also need to be modified accordingly around line 90, replacing the same code shown above with the revision.