Edit on GitHub
Jump to docs navigation

Field Types / HTML field

Note: You are currently reading the documentation for Bolt 3.6. Looking for the documentation for Bolt 3.5 instead?

A WYSIWYG HTML field. You can supply extra options to it to customize the behaviour and appearance.

Basic Configuration:

        content:
            type: html

Example usage in templates:

To print out the HTML field you just need to do in your templates:

{{ record.content }}

Options:

The field has a few options to change the appearance and functionality of the field.

  • allowtwig can be set to true or false to control if twig may be used in the field
  • options contains the options for the WYSIWYG editor. See below for an example and the CKEditor API for more information on possible options:
        content:
            type: html
            options:
                ckeditor:
                    entities: true # this enables special characters to be stored as their HTML entity
                    entities_latin: true # this enables Latin characters to be stored as their HTML entity - eg when true, £ is stored as £
                    height: 400
                    autoGrow_maxHeight: 400
                    autoGrow_onStartup: false
                    uiColor: '#BADA55'
                    autoGrow_minHeight: 300
                    # The following would remove all the default bolt buttons from the button bar. No whitespace in the value allowed.
                    removeButtons : "Bold,Link,Unlink,NumberedList,BulletedList,Italic,Format,Indent,Outdent,RemoveFormat,Maximize" 

Input Sanitisation

All content in this field type will be sanitised before it gets inserted into the database. This means that only 'whitelisted' HTML like <b> and <img src="…"> is kept, while things like <embed> and <script> are scrubbed from the field before being stored. As a site-implementor you can control the whitelisted tags and attributes using the following section in config.yml:

htmlcleaner:
    allowed_tags: [ div, span, p, br, hr, s, u, strong, em, i, b, li, ul, ol, …, … ]
    allowed_attributes: [ id, class, style, name, value, href, src, alt, title, …, … ]

By design, you can not disable the sanitation entirely. If you need to allow the editors to insert unfiltered HTML or javascript, use a type: textarea field instead.

Edit this page on GitHub
Couldn't find what you were looking for? We are happy to help you in the forum, on Slack or on IRC.