Telerik’s documentation explains a content filter that can be applied to strip script tags. The goal of the custom code it to override the Telerik editor and disable the filter from being applied.
\Website\sitecore\shell\Controls\Rich Text Editor\EditorPage.aspx
The C# is compiled in the
Sitecore.Client.dll assembly, so let’s add in our own C# code right into this page. Add in the following block of code to run before the normal
protected override void OnLoad(EventArgs e)
Note: this was tested on Sitecore 6.4
Just consider the upgrade path here. Before you run an upgrade of Sitecore you’d want to backup this built-in file just in case.
While working with a colleague (Mark Graber, Sitecore MVP) we determined a better way to do this via a configuration patch so you don’t need to edit the built-in Sitecore editor page.
Create a class that inherits
Sitecore.Shell.Controls.RichTextEditor.EditorConfiguration. Next, override the
SetupFilters() method and in there run the same code to remove the filter, like so:
protected override void SetupFilters()
Now, register this new class in the config setting “HtmlEditor.DefaultConfigurationType” like so:
<setting name="HtmlEditor.DefaultConfigurationType" value="MyProject.EditorConfiguration, MyProject"/>
It has been reported (in the comments) that there is still an issue that scripts are removed when you switch to HTML view of the RTE. I was only able to reproduce this issue in Internet Explorer but it does appear to be a problem still.
Additionally, it appears newer releases of Sitecore have the above solution baked in with a new setting called
HtmlEditor.RemoveScripts which affects the built-in
EditorConfiguration class based on the setting. My post was written on 1/10/2012 and Update 6 to Sitecore 6.4.1 was released on 1/13/2012 with this setting. So this should now be a built-in setting to Sitecore which will make it easier to configure out of the box!