I've installed 1.0.2
and know the code in my Creative tabs don't work anymore
I was using them to display FLASH....

How do I re-enable this??????

Sorry for the CAPS in the Subject...but this is kindof Urgent

Thank you in advance for your quick responce

Post edited by: trail, at: 2006/11/28 06:05

I'm pasting what i found below
But you should be aware that these fixes you refer to haven't worked for me yet

beat wrote:

Yes, you guessed correctly.

Nevertheless, you can untighten security level of your site by allowing specific tags to be used.

To do that, you can add at the end of your CB configuration file in:
administrator/components/com_comprofiler/ue_config.php
for your case :

[code:1]$ueConfig = "object embed";
[/code:1]

EDIT: (not an array, but single-space-separated tags !)

you can change or add to the values in the array above any other potentially hostile tag which are now getting filtered by Community Builder, to allow them on your site. You need to be aware that allowing these tags, in particular script tag can be missused by users for potentially hostile content.

Post edited by: Styles, at: 2006/11/27 17:55

Post edited by: beat, at: 2006/11/30 09:18

trail wrote:

yhyusuf wrote:

yhyusuf wrote:
hi thanks for your help but it is still doing the same i have added it to the ue_config.php file as stated above but no luck...any ideas what could be happening?

thanks

On the last save without the extra allowed tags your editor field got filtered .. so re-enter your data in there (object=...) save again and it should be fixed..

beat wrote:

spikec wrote:

Beat, can you give me a list of the tags that are now filtered by the new release? I had set up a creative tab where the kids ccould paste background and "myspace" layout codes to pretty up their profiles. None of this seems to be working now, esp when using the <style type="text/css"> tag.

thanks

Here the complete list of potentially hostile tags that get filtered in CB's editorArea field type:

'applet', 'body', 'bgsound', 'base', 'basefont', 'embed', 'frame', 'frameset', 'head', 'html', 'id', 'iframe', 'ilayer', 'layer', 'link', 'meta', 'name', 'object', 'script', 'style', 'title', 'xml'.

These tags can be removed from the list in the config file as decribed before.

Here also the attributes (behind any tages) that get filtered as well:

'action', 'background', 'codebase', 'dynsrc', 'lowsrc', and also will strip ALL event handlers ('on....')

There is no config-file method to remove these attributes.