You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
|Split button CSS classes and structure have changed.
52
+
|Low
49
53
|===
50
54
====
51
55
@@ -58,7 +62,9 @@ Any items marked **"High"** level require immediate attention during migration.
58
62
This section applies to self-hosted installations only. For cloud deployments, license key management is handled automatically.
59
63
====
60
64
61
-
{productname} {release-version} introduces an enhanced license key system that requires specific attention during migration. The complete licensing documentation xref:license-key.adoc[License Key Management] covers:
65
+
{productname} {release-version} introduces an enhanced license key system that requires specific attention during migration.
66
+
67
+
The complete licensing documentation xref:license-key.adoc[License Key Management] covers:
62
68
63
69
* Detailed explanations of all license types (GPL, Commercial, GPL with Premium Features)
64
70
* Time-based vs Version-locked license key differences
@@ -68,17 +74,22 @@ This section applies to self-hosted installations only. For cloud deployments, l
68
74
* Commercial License Key Manager setup and requirements
69
75
* Troubleshooting and FAQ
70
76
71
-
==== Key Migration Considerations
77
+
**Impact**: The new license key system introduces breaking changes that require updates to your configuration and code.
72
78
73
-
* *License Key Format Change:* Version 7 keys are **not compatible** with {productname} {release-version}. New keys use the prefix `T8LK:` for commercial licenses or `GPL+T8LK:` for GPL with Premium Features.
74
-
* *Mandatory Key Requirement:* Self-hosted deployments now **require** a valid license key; without one, the editor will be set to readonly.
75
-
* *Commercial License Manager:* Self-hosted commercial deployments **require** the new license key manager addon.
79
+
**Key Migration Considerations**:
76
80
77
-
==== Migration Steps
81
+
* *License Key Format Change:* Version 7 keys are:
82
+
** Not compatible with {productname} {release-version}.
83
+
** New keys use the prefix `T8LK:` for commercial licenses or `GPL+T8LK:` for GPL with Premium Features.
84
+
* *Mandatory Key Requirement:* Self-hosted deployments **now require** a valid license key; without one, the editor will be set to `readonly`.
85
+
* *Commercial License Manager:* Self-hosted commercial deployments **require** the new License Key Manager addon.
78
86
79
-
. *Obtain New License Key:*
80
-
** link:https://www.tiny.cloud/contact/[Contact us] to obtain a new {productname} {release-version} license key, or use `gpl` for the open source version. See: xref:license-key.adoc#setting-the-license[setting the license] for details.
87
+
**Migration Steps:**
81
88
89
+
. *Obtain New License Key:*
90
+
+
91
+
* link:https://www.tiny.cloud/contact/[Contact us] to obtain a new {productname} {release-version} license key, or use `gpl` for the open source version. See: xref:license-key.adoc#setting-the-license[setting the license] for details.
92
+
+
82
93
. *Update Configuration:*
83
94
+
84
95
[source, javascript]
@@ -98,11 +109,12 @@ tinymce.init({
98
109
99
110
==== License Key Manager Setup
100
111
101
-
When migrating to TinyMCE {release-version} with a commercial license, the license key manager addon is required for the editor to operate. The setup varies based on your deployment method:
112
+
When migrating to {productname} {release-version} with a commercial license, the License Key Manager addon is required for the editor to operate. The setup varies based on your deployment method:
113
+
114
+
*CDN/Static Hosting:*
115
+
116
+
* Ensure the supplied `licensekeymanager` folder is in your {productname} plugins directory:
102
117
103
-
. *CDN/Static Hosting:*
104
-
** Ensure the supplied `licensekeymanager` folder is in your {productname} plugins directory:
105
-
+
106
118
[tree]
107
119
----
108
120
your-site/
@@ -114,9 +126,10 @@ your-site/
114
126
│ └── ... other plugins
115
127
----
116
128
117
-
. *NPM/Module Bundler:*
118
-
** Install TinyMCE and ensure the license key manager is imported:
119
-
+
129
+
*NPM/Module Bundler:*
130
+
131
+
Install {productname} and ensure the license key manager is imported:
132
+
120
133
[source, javascript]
121
134
----
122
135
// Import TinyMCE
@@ -131,9 +144,10 @@ tinymce.init({
131
144
});
132
145
----
133
146
134
-
. *React/Next.js:*
135
-
** When using the `@tinymce/tinymce-react` package:
136
-
+
147
+
*React/Next.js:*
148
+
149
+
When using the `@tinymce/tinymce-react` package:
150
+
137
151
[source, javascript]
138
152
----
139
153
import { Editor } from '@tinymce/tinymce-react';
@@ -150,24 +164,25 @@ export default function MyEditor() {
150
164
}
151
165
----
152
166
153
-
. *PHP/Laravel:*
154
-
** Ensure the license key manager is included when publishing {productname} assets:
155
-
+
167
+
*PHP/Laravel:*
168
+
169
+
Ensure the license key manager is included when publishing {productname} assets:
* The license key manager is automatically included when using Tiny Cloud.
185
+
* The license key manager is automatically included when using {companyname} Cloud.
171
186
* The plugin does not need to be added to the `plugins` configuration option.
172
187
* For bundled applications, the license key manager must be loaded before {productname} initialization.
173
188
* For bundled applications, ensure the license key manager is not excluded during build optimization.
@@ -196,14 +211,20 @@ This change improves security and aligns with DOMPurify's recommended defaults.
196
211
197
212
==== Key Changes
198
213
199
-
* **DOMPurify upgraded to 3.2.6** — The custom patch is now included upstream; maintaining a forked patch is no longer required.
214
+
* **DOMPurify upgraded to 3.2.6**
200
215
* **`SAFE_FOR_XML` enabled** — This setting enforces stricter handling of comments and attribute values, preventing certain XSS vectors.
201
216
* **Content Impact** — HTML comments containing tags, Internet Explorer conditional comments, and attributes with HTML-like values may now be removed during sanitization. Content that was previously allowed may be stripped.
202
217
203
-
==== Migration Guidance
218
+
*Impact*: This change improves security by preventing potential XSS attacks through comments and attributes that were previously allowed. However, it may also result in content being stripped or altered unexpectedly.
219
+
220
+
**Migration Steps:**
204
221
205
222
* Review workflows and test content that previously relied on relaxed sanitization.
206
-
* If custom comment handling is required, consider using DOMPurify hooks as recommended by the maintainers.
223
+
* If custom comment handling is required, note that DOMPurify hooks cannot be used directly unless you fork TinyMCE or disable TinyMCE's built-in sanitization and implement your own with DOMPurify.
224
+
* {productname} now provides the xref:content-filtering.adoc#allow_html_in_comments[Content Filtering: allow_html_in_comments option] option. Enabling this option allows HTML tags in comments with sanitization still enabled.
225
+
226
+
[WARNING]
227
+
Using `allow_html_in_comments` increases the risk of XSS vulnerabilities. xref:security.adoc#allow_html_in_comments[allow_html_in_comments] is not recommended for production use unless you fully understand the implications and have appropriate security measures in place.
207
228
208
229
.Example: Content Differences
209
230
|===
@@ -227,6 +248,46 @@ This change improves security and aligns with DOMPurify's recommended defaults.
227
248
For information on disabling DOMPurify sanitization (not recommended), see xref:security.adoc#xss_sanitization-option[xss_sanitization option].
228
249
====
229
250
251
+
== Core Changes
252
+
253
+
[[split-button-css-breaking-change]]
254
+
=== Split button CSS structure updates
255
+
// #TINY-8665
256
+
257
+
{productname} {release-version} updates the internal structure of split buttons. Split buttons now render as two separate components with updated CSS classes:
**Impact**: This change improves the flexibility of split button styling and allows for more granular control over each component.
263
+
264
+
**Migration steps:**
265
+
266
+
Update all CSS selectors and styles that previously targeted the unified `.tox-split-button` class to target the new `.tox-split-button__main` and `.tox-split-button__chevron` classes.
267
+
268
+
[source,css]
269
+
----
270
+
/* Before TinyMCE 8.0 */
271
+
.tox-split-button {
272
+
/* Previous styling approach */
273
+
}
274
+
275
+
/* TinyMCE 8.0+ */
276
+
.tox-split-button__main {
277
+
/* Main button styling */
278
+
}
279
+
280
+
.tox-split-button__chevron {
281
+
/* Chevron button styling */
282
+
}
283
+
----
284
+
285
+
**Migration checklist:**
286
+
287
+
* [ ] Search your CSS for `.tox-split-button` and update to use `.tox-split-button__main` and `.tox-split-button__chevron`.
288
+
* [ ] Test all split button styles in your application to ensure they render correctly.
289
+
* [ ] Update any custom plugins that use split buttons to reflect the new structure.
290
+
230
291
== Core API Changes
231
292
232
293
[discrete]
@@ -243,6 +304,12 @@ IMPORTANT: The following sections detail important changes that require updates
243
304
244
305
The `editor.selection.setContent` API has been deprecated and will be removed in {productname} 9.
245
306
307
+
*Impact*: This change simplifies content manipulation by consolidating insertion methods.
308
+
309
+
**Migration steps:**
310
+
311
+
To replace `editor.selection.setContent`, use `editor.insertContent` instead. The new method is more consistent with other content manipulation methods in {productname}.
TIP: Use `tinymce.activeEditor.documentBaseURI.getURI()` for all base URL operations.
284
349
285
-
.Required Changes
350
+
**Impact**: This change improves URL handling consistency by removing an undocumented API that was not aligned with the documented `documentBaseURI` property.
351
+
352
+
**Migration steps:**
286
353
287
354
To update all references of `documentBaseUrl` to the new API, replace any usage of `editor.documentBaseUrl` (or similar) with `tinymce.activeEditor.documentBaseURI.getURI()`. The property `documentBaseUrl` has been removed, and the correct way to access the document base URL is now through the `documentBaseURI` property, which is a URI object. You can then call `.getURI()` on it to get the string value of the URL.
288
355
@@ -316,6 +383,10 @@ For more information see: link:https://www.tiny.cloud/docs/tinymce/latest/apis/t
316
383
317
384
The `skipFocus` and `skip_focus` options for the `ToggleToolbarDrawer` command have been consolidated into a single, more consistent argument. This reduces API complexity and clarifies the intended behavior.
318
385
386
+
**Impact**: This change simplifies focus management, reducing the risk of confusion and unexpected behavior.
* {productname}’s new **Ask AI** widget is ready to assist you, just click the icon in the bottom-right corner of any documentation page.
559
628
* link:https://www.tiny.cloud/contact/[Contact {supportname}] for assistance.
560
629
561
630
For additional details on {productname} {release-version} changes, see xref:8.0-release-notes.adoc#overview[{productname} {release-version} release notes].
0 commit comments