Jump to docs navigation

Field Types / HTML field

Note: You are currently reading the documentation for Bolt 4.0. Looking for the documentation for Bolt 3.7 instead?

Basic Configuration:
Example usage in templates:
Options:
Input Sanitisation

A WYSIWYG HTML field. You can supply extra options to it to customize the behaviour and appearance.

Basic Configuration:¶

        content:
            type: html

Example usage in templates:¶

To print out the HTML field you just need to do in your templates:

{{ record.content }}

Options:¶

The field has a few options to change the appearance and functionality of the field.

allowtwig can be set to true or false to control if twig may be used in the field
options contains the options for the WYSIWYG editor. See below for an example and the CKEditor API for more information on possible options:

        content:
            type: html
            options:
                ckeditor:
                    entities: true # this enables special characters to be stored as their HTML entity
                    entities_latin: true # this enables Latin characters to be stored as their HTML entity - eg when true, £ is stored as &pound;
                    height: 400
                    autoGrow_maxHeight: 400
                    autoGrow_onStartup: false
                    uiColor: '#BADA55'
                    autoGrow_minHeight: 300
                    # The following would remove all the default bolt buttons from the button bar. No whitespace in the value allowed.
                    removeButtons : "Bold,Link,Unlink,NumberedList,BulletedList,Italic,Format,Indent,Outdent,RemoveFormat,Maximize"

Input Sanitisation¶

All content in this field type will be sanitised before it gets inserted into the database. This means that only 'whitelisted' HTML like <b> and <img src="…"> is kept, while things like <embed> and <script> are scrubbed from the field before being stored. As a site-implementor you can control the whitelisted tags and attributes using the following section in config.yml:

htmlcleaner:
    allowed_tags: [ div, span, p, br, hr, s, u, strong, em, i, b, li, ul, ol, …, … ]
    allowed_attributes: [ id, class, style, name, value, href, src, alt, title, …, … ]

By design, you can not disable the sanitation entirely. If you need to allow the editors to insert unfiltered HTML or javascript, use a type: textarea field instead.

Edit this page on GitHub

Couldn't find what you were looking for? We are happy to help you in the forum, on Slack or on Github.