RTE¶
The RTE
prefix key is used for configuration of the Rich Text Editor.
Please refer to the RTE chapter in Core API document
for more general information on RTE configuration and data processing.
Warning
Some explanations and descriptions may contain slightly obsolete references. The principles are still valid though.
The order in which configuration for the RTE is loaded is:
preset defined for a specific field via PageTS
richtextConfiguration defined for a specific field via TCA
general preset defined via PageTS
default
The full property path building is a bit more complex than for other property segments. The goal is that global options can be set that can also be overriden in more specific situations:
- Configure all RTE for all tables, fields and types:
RTE.default
- Configure RTE for a specific field in a table
RTE.config.[tableName].[fieldName]
- Configure RTE for a specific field in a table for a specific record type
RTE.config.[tableName].[fieldName].types.[type]
Consider the following Page TSconfig examples:
# Disable all RTEs
RTE.default.disabled = 1
# Disable all RTEs
RTE.default.disabled = 1
# Enable RTE for the tt_content bodytext field only
RTE.config.tt_content.bodytext.disabled = 0
# Disable all RTEs
RTE.default.disabled = 1
# Enable RTE for the tt_content bodytext field only
RTE.config.tt_content.bodytext.disabled = 0
# But disable RTE for tt_content bodytext again if the record type is "text"
RTE.config.tt_content.bodytext.types.text.disabled = 1
disabled¶
- Datatype
boolean
- Description
If set, the editor is disabled. This option is evaluated in
\TYPO3\CMS\Backend\Form\FormEngine
where it determines whether the RTE is rendered or not. Note that a backend user can also ultimately disable RTE's in his user settings.
proc¶
The proc
section allows customization of the server processing of the content, see
the transformation section of the RTE chapter in
the core API document for more general information on server processing.
The proc
properties are in \TYPO3\CMS\Core\Html\RteHtmlParser
and
are universal for all RTEs. The main objective of these options is to allow for minor
configuration of the transformations. For instance you may disable the mapping between
<b>-<strong>
and <i>-<em>
tags which is done by the ts_transform
transformation.
Notice how many properties relate to specific transformations only! Also notice that the meta-transformations
ts_css
imply other transformations as explained in the overview.
This means that options limited to ts_transform
will also work for ts_css
of course.
allowedClasses¶
- Datatype
string with comma separated values
- Description
Applies for
ts_transform
andcss_transform
only.Direction: From RTE to database, saving a record.
Allowed general class names when content is stored in database. Could be a list matching the number of defined classes you have. Class names are case insensitive.
This might be a really good idea to do, because when pasting in content from MS word for instance there are a lot of
<SPAN>
and<P>
tags which may have class names in. So by setting a list of allowed classes, such foreign class names are removed.If a class name is not found in this list, the default is to remove the class.
allowTags¶
- Datatype
string with comma separated values
- Description
Applies for
ts_transform
andcss_transform
only.Tags to allow. Notice, this list is added to the default list, which you see here:
b,i,u,a,img,br,div,center,pre,font,hr,sub,sup,p,strong,em,li,ul,ol,blo ckquote,strike,span
Note
This information is outdated, the default list depends on the used rte_ckeditor YAML configuraton.
allowTagsOutside¶
- Datatype
string with comma separated values
- Description
Applies for
ts_transform
andcss_transform
only.Enter tags which are allowed outside of
<P>
and<DIV>
sections when converted back to database.- Default
address, article, aside, blockquote, footer, header, hr, nav, section, div
- Example
# Allow only hr tags outside of p and div RTE.default.proc.allowTagsOutside = hr
blockElementList¶
- Datatype
string with comma separated values
- Description
Comma-separated list of uppercase tags (e.g.
P,HR
) that overrides the list of HTML elements that will be treated as block elements by the RTE transformations.
denyTags¶
- Datatype
string with comma separated values
- Description
Applies for
ts_transform
andcss_transform
only.Tags from above list to disallow.
entryHTMLparser_db¶
- Datatype
boolean / HTMLparser
- Description
Applies to all kinds of processing.
Allows to enable / disable the HTMLparser before the content is processed with the predefined processors (e.g. ts_images or ts_transform).
entryHTMLparser_rte¶
- Datatype
boolean / HTMLparser
- Description
Applies to all kinds of processing.
Allows to enable / disable the HTMLparser before the content is processed with the predefined processors (e.g. ts_images or ts_transform).
exitHTMLparser_db¶
- Datatype
boolean / HTMLparser
- Description
Applies to all kinds of processing.
Allows to enable / disable the HTMLparser after the content is processed with the predefined processors (e.g. ts_images or ts_transform).
exitHTMLparser_rte¶
- Datatype
boolean / HTMLparser
- Description
Applies to all kinds of processing.
Allows to enable / disable the HTMLparser after the content is processed with the predefined processors (e.g. ts_images or ts_transform).
HTMLparser_db¶
- Datatype
- Description
Applies for
ts_transform
andcss_transform
only.These are additional options to the HTML parser calls which strips of tags when the content is prepared from the RTE to the database, saving a record. It is possible to configure additional rules like which other tags to preserve, which attributes to preserve, which values are allowed as attributes of a certain tag etc.
For the detailed list of properties, see the section of the TypoScript reference.
Note
This configuration is similar in frontend TypoScript and Page TSconfig. This is why single properties can be looked up in the TypoScript reference.
Also note the HTMLparser options
keepNonMatchedTags
andhtmlSpecialChars
are not observed. They are preset internally.
Sanitization¶
New in version 9.5.29/10.4.19.
An HTML sanitizer is available to sanitize and remove XSS from markup. It strips tags, attributes and values that are not explicitly allowed.
Sanitizatin for persisting data is disabled by default and can be enabled
globally by using the corresponding feature flag in
typo3conf/LocalConfiguration.php
or
typo3conf/AdditionalConfiguration.php
:
$GLOBALS['TYPO3_CONF_VARS']['SYS']['features']['security.backend.htmlSanitizeRte'] = true;
It can then be disabled per use case with a custom processing instruction:
processing:
allowTags:
# ...
HTMLparser_db:
# ...
# disable individually per use case
htmlSanitize: false
# This is the default configuration,
# the feature flag has to be enabled
htmlSanitize:
# use default builder as configured in
# $GLOBALS['TYPO3_CONF_VARS']['SYS']['htmlSanitizer']
build: default
HTMLparser_rte¶
- Datatype
- Description
Applies for
ts_transform
andcss_transform
only.These are additional options to the HTML parser calls which strips of tags when the content is prepared from the database to the RTE rendering. It is possible to configure additional rules like which other tags to preserve, which attributes to preserve, which values are allowed as attributes of a certain tag etc.
For the detailed list of properties, see the section of the TypoScript reference.
Note
This configuration is similar in frontend TypoScript and Page TSconfig. This is why single properties can be looked up in the TypoScript reference.
Also note the HTMLparser options
keepNonMatchedTags
andhtmlSpecialChars
are not observed. They are preset internally.
overruleMode¶
- Datatype
Comma list of RTE transformations
- Description
This can overrule the RTE transformation set from TCA. Notice, this is a comma list of transformation keys.