CKEditor Ecosystem Documentation
Search
Home/CKEditor 5/API
Interface

HtmlEmbedConfig (html-embed)

@ckeditor/ckeditor5-html-embed/src/htmlembedconfig

interface
See source

The configuration of the HTML embed feature.

ClassicEditor
  .create( editorElement, {
    htmlEmbed: ... // HTML embed feature options.
  } )
	 .then( ... )
  .catch( ... );

See all editor options.

Filtering

Properties

  • sanitizeHtml : ( html: string ) => HtmlEmbedSanitizeOutput | undefined

    See source

    Callback used to sanitize the HTML provided by the user in HTML embed widget when it is previewed inside the editor.

    We strongly recommend overwriting the default function to avoid XSS vulnerabilities.

    Read more about the security aspect of this feature in the "Security" section of the HTML embed feature guide.

    The function receives the input HTML (as a string), and should return an object that matches the HtmlEmbedSanitizeOutput interface.

    ClassicEditor
  .create( editorElement, {
    htmlEmbed: {
      showPreviews: true,
      sanitizeHtml( inputHtml ) {
        // Strip unsafe elements and attributes, e.g.:
        // the `