Merge branch 'feature/8.4.0/DOC-3243' into feature/8/DOC-3243_TINY-13674

Author: kemister85

modules/ROOT/examples/live-demos/custom-view/index.js

@@ -19,7 +19,7 @@ tinymce.init({
           text: 'Save code',
           buttonType: 'primary',
           onAction: () => {
-            const codeContent = document.querySelector('.tox-view__pane_panel').value;
+            const codeContent = document.querySelector('.my-textarea').value;
             ed.setContent(codeContent);
             ed.execCommand('ToggleView', false, 'code');
             console.log('save');
@@ -28,12 +28,12 @@ tinymce.init({
       ],
       onShow: (api) => {
         const editorContent = ed.getContent();
-        api.getContainer().innerHTML = `
+        const container = api.getContainer();
+        container.innerHTML = `
           <div style="height: 100%">
-            <textarea class="tox-view__pane_panel" style="width: 100%; height: 100%; resize: none; padding: 0.5em">
-              ${editorContent}
-            </textarea>
-          </div>`.replace(/\s+/g, '');
+            <textarea class="my-textarea" style="width: 100%; height: 100%; resize: none; padding: 0.5em"></textarea>
+          </div>`;
+        container.querySelector('.my-textarea').value = editorContent;
       },
       onHide: (api) => {
         console.log('Deactivate code', api.getContainer());

modules/ROOT/pages/8.4.0-release-notes.adoc

@@ -28,8 +28,8 @@ include::partial$misc/admon-releasenotes-for-stable.adoc[]
 * xref:known-issues[Known issues]
 
 
-[[new-premium-plugins]]
-== New Premium plugins
+[[new-premium-plugin<s>]]
+== New Premium plugin<s>
 
 The following new Premium plugin was released alongside {productname} {release-version}.
 
@@ -57,6 +57,21 @@ For information on the **<Open source plugin name>** plugin, see xref:<plugincod
 
 The following premium plugin updates were released alongside {productname} {release-version}.
 
+=== Media Optimizer
+
+The {productname} {release-version} release includes an accompanying release of the **Media Optimizer** premium plugin.
+
+**Media Optimizer** includes the following addition.
+
+==== SVG images can now be uploaded.
+// #TINY-13708
+
+Previously, SVG images could not be uploaded through the Media Optimizer plugin because Uploadcare placed restrictions on SVG file handling. Users who needed to include SVG graphics in content were unable to upload them directly.
+
+In {productname} {release-version}, SVG images can now be uploaded through the Media Optimizer plugin. Some CDN operations may have limitations on SVG files; for details, see the link:https://uploadcare.com/docs/cdn-operations/#limits[Uploadcare documentation on CDN operation limits].
+
+For information on the **Media Optimizer** plugin, see: xref:uploadcare.adoc[Media Optimizer].
+
 === Full Page HTML
 
 The {productname} {release-version} release includes an accompanying release of the **Full Page HTML** premium plugin.
@@ -70,19 +85,51 @@ Previously, the Full Page HTML plugin used deprecated `+escape+` and `+unescape+
 
 In {productname} {release-version}, the plugin uses modern encoding APIs instead. This aligns the implementation with current browser guidance and improves reliability for protected content handling.
 
+==== Pasting an HTML document was vulnerable to XSS attacks
+// #TINY-13673
+
+A cross-site scripting (XSS) vulnerability was discovered in the Full Page HTML plugin. Previously, malicious code within the document `<head>` was able to be executed when pasted.
+
+This vulnerability has been patched in {productname} {release-version} by ensuring that content in the document `<head>` is properly encoded.
+
+==== New argument `fullpagehtml` to `editor.getContent()` and `editor.setContent()` APIs to only get/set the body of the content while the full page plugin is active.
+// #TINY-13744
+
+Previously, setting and getting the editor content while the Full Page HTML plugin was active could be troublesome due to the presence of the full HTML document on all API calls, even when not needed. Attempting to get and act only on the body content (for example, for saving) was undocumented and required workarounds.
+
+In {productname} {release-version}, the `fullpagehtml` option has been added to the `editor.getContent()` and `editor.setContent()` APIs. When set to `false`, this option allows getting and setting only the body content while the Full Page HTML plugin is active, without interfering with the full document structure. The document is now more resistant to accidental changes, and content can be retrieved or updated without including the full HTML document. For details, see xref:fullpagehtml.adoc#fullpagehtml-getcontent-setcontent[`fullpagehtml` option for getContent/setContent].
+
 For information on the **Full Page HTML** plugin, see: xref:fullpagehtml.adoc[Full Page HTML].
 
-=== <Premium plugin name 1> <Premium plugin name 1 version>
+=== Comments
 
-The {productname} {release-version} release includes an accompanying release of the **<Premium plugin name 1>** premium plugin.
+The {productname} {release-version} release includes an accompanying release of the **Comments** premium plugin.
 
-**<Premium plugin name 1>** <Premium plugin name 1 version> includes the following <fixes, changes, improvements>.
+**Comments** includes the following fix.
 
-==== <Premium plugin name 1 change 1>
+==== Errors when creating new comments made the save button stuck in a saving state.
+// #TINY-12224
 
-// CCFR here.
+Previously, when creating or editing a comment in Comments, the save button could remain in a saving state indefinitely if the save operation failed or if the component was not replaced. The saving state had no way to reset to false except by recreating the component, which misled users into thinking the operation was still in progress.
+
+In {productname} {release-version}, the save logic now resets the saving state to false after the save operation completes, whether the operation succeeds or fails. The save button no longer remains stuck in a saving state.
+
+For information on the **Comments** plugin, see: xref:introduction-to-tiny-comments.adoc[Comments].
 
-For information on the **<Premium plugin name 1>** plugin, see: xref:<plugincode>.adoc[<Premium plugin name 1>].
+=== Suggested Edits
+
+The {productname} {release-version} release includes an accompanying release of the **Suggested Edits** premium plugin.
+
+**Suggested Edits** includes the following improvement.
+
+==== Document view rendering to reduce flickering when loading Suggested Edits.
+// #TINY-13135
+
+Previously, the document displayed in the Review Edits view relied on the deprecated browser method `document.write`, which could cause content to appear before it was fully styled. Users could briefly see partially rendered or unstyled content when opening the review interface.
+
+In {productname} {release-version}, the document loading process in the Review Edits view has been updated to remove the deprecated method. The document is now displayed only after it has fully loaded, improving browser compatibility and providing a smoother and more stable experience when reviewing suggested edits.
+
+For information on the **Suggested Edits** plugin, see: xref:suggestededits.adoc[Suggested Edits].
 
 
 [[accompanying-premium-plugin-end-of-life-announcement]]
@@ -140,6 +187,17 @@ For information on using Enhanced Skins & Icon Packs, see: xref:enhanced-skins-a
 
 // CCFR here.
 
+=== The noneditable feature can now be disabled with the new `allow_noneditable` option.
+// #TINY-10121
+
+Previously, the noneditable plugin was converted to a feature in core in {productname} 6. The feature was always enabled with no documented way to turn it off, which was not always desirable for integrators.
+
+In {productname} {release-version}, a new xref:non-editable-content-options.adoc#allow_noneditable[`+allow_noneditable+`] option is available. It is enabled by default. When set to `+false+`, the noneditable feature is disabled, equivalent to disabling the plugin prior to {productname} 6.
+
+=== New `view_show` option to display a specified view on initialization.
+// #TINY-11967
+
+In {productname} {release-version}, the new xref:custom-view.adoc#view_show[`+view_show+`] option allows specifying which view to display when the editor is initialized. The option behaves similarly to `+sidebar_show+` but takes precedence for views; both sidebars and views can be configured to show on init.
 
 [[changes]]
 == Changes
@@ -173,6 +231,20 @@ For information on using Enhanced Skins & Icon Packs, see: xref:enhanced-skins-a
 
 // CCFR here.
 
+=== Directionality of Hebrew was incorrect
+// #TINY-13667
+
+Previously, right-to-left (RTL) directionality was not correctly set for Hebrew in the language pack. This caused the editor to render the wrong directionality when Hebrew was set as the language.
+
+In {productname} {release-version}, this issue has been addressed by ensuring that the directionality is correctly set for Hebrew in the language pack.
+
+=== Bundled content CSS is now loaded into preview iframes
+// #TINY-13190
+
+Previously, when the editor content CSS was bundled, it was not loaded into preview iframes. This caused a visual mismatch between the editor content area and what users saw in the Preview dialog, Suggested Edits view and Revision History view.
+
+In {productname} {release-version}, the fix checks if the content CSS is available as a bundled resource and applies it to the Preview Iframe through style tags. Bundled content CSS is now correctly loaded in the Preview Iframe.
+
 
 [[security-fixes]]
 == Security fixes

modules/ROOT/pages/advcode.adoc

@@ -66,6 +66,8 @@ include::partial$configuration/advcode_prettify_getcontent.adoc[leveloffset=+1]
 
 include::partial$configuration/advcode_prettify_editor.adoc[leveloffset=+1]
 
+include::partial$plugins/advcode-open-view.adoc[]
+
 include::partial$misc/advcode-shortcuts.adoc[]
 
 include::partial$misc/plugin-toolbar-button-id-boilerplate.adoc[]

modules/ROOT/pages/custom-view.adoc

@@ -57,6 +57,10 @@ To query the state of the custom view (whether it is currently visible or hidden
 editor.queryCommandValue('ToggleView') == 'myCustomView';
 ----
 
+== Options
+
+include::partial$configuration/view_show.adoc[leveloffset=+1]
+
 == Interactive example
 
 This example shows how to integrate a custom view using the `addView` API.

modules/ROOT/pages/fullpagehtml.adoc

@@ -109,6 +109,8 @@ include::partial$configuration/fullpagehtml-default-body-style.adoc[leveloffset=
 
 include::partial$configuration/fullpagehtml-hide-in-source-view.adoc[leveloffset=+1]
 
+include::partial$configuration/fullpagehtml-getcontent-setcontent.adoc[leveloffset=+1]
+
 include::partial$misc/plugin-toolbar-button-id-boilerplate.adoc[]
 
 include::partial$toolbar-button-ids/{plugincode}-toolbar-buttons.adoc[leveloffset=+1]

modules/ROOT/pages/non-editable-content-options.adoc

@@ -13,6 +13,9 @@ liveDemo::editable-class-and-editable-root[]
 [NOTE]
 Visit xref:ie-template-creation.adoc[Template creation example] for a practical example of multi-root editing.
 
+// allow_noneditable
+include::partial$configuration/allow_noneditable.adoc[]
+
 // noneditable_class
 include::partial$configuration/noneditable_class.adoc[]
 

modules/ROOT/pages/revisionhistory.adoc

@@ -121,6 +121,8 @@ include::partial$configuration/revisionhistory_css_url.adoc[leveloffset=+1]
 
 include::partial$configuration/revisionhistory_diff_classes.adoc[leveloffset=+1]
 
+include::partial$plugins/revisionhistory-open-view.adoc[]
+
 include::partial$misc/plugin-toolbar-button-id-boilerplate.adoc[]
 
 include::partial$misc/plugin-menu-item-id-boilerplate.adoc[]

modules/ROOT/pages/suggestededits.adoc

@@ -127,6 +127,8 @@ include::partial$configuration/suggestededits_access.adoc[leveloffset=+1]
 
 include::partial$configuration/suggestededits_auto_approve.adoc[leveloffset=+1]
 
+include::partial$plugins/suggestededits-open-view.adoc[]
+
 include::partial$configuration/user_id.adoc[leveloffset=+1]
 
 include::partial$configuration/fetch_users.adoc[leveloffset=+1]

modules/ROOT/partials/configuration/allow_noneditable.adoc

@@ -0,0 +1,18 @@
+[[allow_noneditable]]
+== `+allow_noneditable+`
+
+This option controls whether the non-editable content feature is enabled. When set to `+false+`, the non-editable feature is disabled entirely, equivalent to disabling the `noneditable` plugin prior to {productname} 6.
+
+*Type:* `+Boolean+`
+
+*Default value:* `+true+`
+
+=== Example: using `+allow_noneditable+`
+
+[source,js]
+----
+tinymce.init({
+  selector: 'textarea',  // change this value according to your HTML
+  allow_noneditable: false
+});
+----

modules/ROOT/partials/configuration/fullpagehtml-getcontent-setcontent.adoc

@@ -0,0 +1,22 @@
+[[fullpagehtml-getcontent-setcontent]]
+== `+fullpagehtml+` option for `+getContent()+` and `+setContent()+`
+
+When the {pluginname} plugin is active, `editor.getContent()` and `editor.setContent()` return and accept the full HTML document by default. The `fullpagehtml` option allows getting and setting only the body content when needed.
+
+Pass `fullpagehtml: false` in the options object to bypass full-page processing and work with body content only:
+
+* `editor.getContent({ fullpagehtml: false })` — Returns only the `<body>` content.
+* `editor.setContent(content, { fullpagehtml: false })` — Sets only the body content without modifying the document head.
+
+This option is useful when saving or loading body content separately (for example, when storing content in a database or when integrating with systems that expect body-only HTML). Unlike `fullpagehtml_hide_in_source_view`, which affects only the source code view display, the `fullpagehtml` option affects API behavior and requires no configuration.
+
+=== Example: getting and setting body content
+
+[source,js]
+----
+// Get only the body content for saving
+const bodyContent = editor.getContent({ fullpagehtml: false });
+
+// Set only the body content (preserves document head)
+editor.setContent(newBodyContent, { format: 'html', fullpagehtml: false });
+----