The picture shows several form fields, among which content1 is the content submitted by KindEditor. The original content was: Come with a few symbols '<">
Inspected with Firebug, the submitted data looks like the picture above.
This shows that KindEditor automatically applies something similar to PHP's htmlspecialchars before submitting, converting symbols such as < and > into HTML entities.
It is a very considerate feature, but you need to be careful when using it.
KindEditor uses whitelist filtering by default, and you can use the htmlTags parameter to define the tags and attributes to be retained. Of course, you can also use the filterMode parameter to turn off the filter mode and retain all tags.
<code class="js">KindEditor.ready(function(K) {
    K.create('textarea[name="content"]', {
        filterMode : false
    });
});</code>
However, this does not replace back-end filtering as the front-end processing can be bypassed.