Fix support for Winter v1.2.10+

Author: LukeTowers

assets/js/pages-page.js

@@ -599,7 +599,7 @@
 
         var extension = this.getContentExtension(pane),
             mode = 'html',
-            editor = $('[data-control=codeeditor]', pane)
+            $editor = $('[data-control=codeeditor]', pane)
 
         if (extension == 'html')
             extension = 'htm'
@@ -612,8 +612,11 @@
             $('[data-field-name=markup_html]', pane).show()
 
             if (!initialization && $(pane).data('prev-extension') != 'htm') {
-                var val = editor.codeEditor('getContent')
-                $('div[data-control=richeditor]', pane).richEditor('setContent', val)
+                var wrapper = $editor.data('oc.codeEditor')
+                if (wrapper) {
+                    var val = wrapper.getValue()
+                    $('div[data-control=richeditor]', pane).richEditor('setContent', val)
+                }
             }
         }
         else {
@@ -622,26 +625,44 @@
 
             if (!initialization && $(pane).data('prev-extension') == 'htm') {
                 var val = $('div[data-control=richeditor]', pane).richEditor('getContent')
-                editor.codeEditor('setContent', val)
+                var wrapper = $editor.data('oc.codeEditor')
+                if (wrapper) {
+                    wrapper.setValue(val)
+                }
             }
 
-            var modes = $.wn.codeEditorExtensionModes
+            var monacoExtensionModes = {
+                'htm': 'html',
+                'html': 'html',
+                'md': 'markdown',
+                'txt': 'plaintext',
+                'js': 'javascript',
+                'less': 'less',
+                'scss': 'scss',
+                'sass': 'scss',
+                'css': 'css'
+            }
 
-            if (modes[extension] !== undefined)
-                mode = modes[extension];
+            if (monacoExtensionModes[extension] !== undefined)
+                mode = monacoExtensionModes[extension]
 
             var setEditorMode = function() {
-                window.setTimeout(function(){
-                    editor.codeEditor('getEditorObject')
-                        .getSession()
-                        .setMode({ path: 'ace/mode/'+mode })
-                }, 200)
+                var wrapper = $editor.data('oc.codeEditor')
+                if (wrapper) {
+                    wrapper.setLanguage(mode)
+                }
             }
 
-            if (initialization)
-                editor.on('oc.codeEditorReady', setEditorMode)
-            else
+            if (initialization) {
+                window.Snowboard.on('backend.formwidget.codeeditor.create', function(widget) {
+                    if ($(widget.element).closest(pane).length > 0) {
+                        widget.setLanguage(mode)
+                    }
+                })
+            }
+            else {
                 setEditorMode()
+            }
         }
 
         if (!initialization)

classes/content/fields.yaml

@@ -23,12 +23,8 @@ secondaryTabs:
             stretch: true
             type: codeeditor
             language: html
-            theme: chrome
-            showGutter: false
-            highlightActiveLine: false
             fontSize: 13
             cssClass: pagesTextEditor
-            margin: 20
 
         markup_html:
             tab: cms::lang.editor.content

controllers/Index.php

@@ -189,10 +189,6 @@ public function index()
         $this->addJs('/plugins/winter/pages/assets/js/pages-snippets.js', 'Winter.Pages');
         $this->addCss('/plugins/winter/pages/assets/css/pages.css', 'Winter.Pages');
 
-        // Preload the code editor class as it could be needed
-        // before it loads dynamically.
-        $this->addJs('/modules/backend/formwidgets/codeeditor/assets/js/build-min.js', 'core');
-
         $this->bodyClass = 'compact-container';
         $this->pageTitle = 'winter.pages::lang.plugin.name';
         $this->pageTitleTemplate = Lang::get('winter.pages::lang.page.template_title');
@@ -777,6 +773,21 @@ protected function pushObjectForm($type, $object, $alias = null): array
         $widget = $this->makeObjectFormWidget($type, $object, $alias);
         $widget->bindToController();
 
+        // Prevent Froala richeditor from parsing raw content as HTML for non-HTML
+        // content files. The richeditor's valueFrom: markup causes it to receive the
+        // raw content value which triggers XSS when Froala calls jQuery .html().
+        if ($type === 'content') {
+            $widget->bindEvent('form.extendFields', function () use ($widget, $object) {
+                $extension = pathinfo($object->getFileName(), PATHINFO_EXTENSION);
+                if (!in_array($extension, ['htm', 'html'])) {
+                    $field = $widget->getField('markup_html');
+                    if ($field) {
+                        $field->value = '';
+                    }
+                }
+            });
+        }
+
         $this->vars['canCommit'] = $this->canCommitObject($object);
         $this->vars['canReset'] = $this->canResetObject($object);
         $this->vars['objectPath'] = Request::input('path');