PW removing characters from a[href^="tel:"]

[DrQuincy]

I've noticed that if I have a CKEditor field and add a link that begins with tel: E.g.

tel:+44 (0)1234 567 0000

When I view source immediately in CKEditor I see:

<p><a href="tel:+44 (0)1234 567 000">TEST</a></p>

So it's not being removed by ACF (that seems to run once you close the source dialog). But when I save it I get this:

<p><a href="tel:+4420012342056720000">TEST</a></p>

It looks like it's encoded it correctly (%20 for each space) and then stripped out the %, making the number invalid.

If you omit tel: from the link everything is encoded correctly.

It seems to affect all my installs regardless of version (3.0.165+). I have an old site on 3.0.98 that doesn't seem to have this issue. I'm worried now quite a few sites will have invalid numbers.

What is happening and is this intended behaviour? Does it run through HTML purifier? It seems to be the same even if you set Content Type to Unknown/Text rather than Markup/HTML.

EDIT: It is HTML purifier. If in the Input tab of the field you set Use HTML Purifier? to false, it doesn't do anything with the HTML. It seems fine with a 3.0.98 site though with the same settings.

Is there anywhere to switch this feature off while still having Use HTML Purifier? set to true?

If not, I guess my options are to either switch it off (I think that's okay within a CMS context since ACF would stripe out anything untoward) or tell clients they can only use +, - and 0-9 in phone numbers.

[teppo]

Looks like MarkupHTMLPurifier used to skip tel: links in the past due to HTML Purifier not supporting them. This bypass was removed in 3.0.137, so after that version tel: links have likely had to adhere to stricter rules.

5 hours ago, DrQuincy said:

or tell clients they can only use +, - and 0-9 in phone numbers.

I would likely go with this option, to be honest. But perhaps someone else knows how to customize Purifier — I've tried it once or twice, but eventually had to give up ?

[Robin S]

@DrQuincy, you could use JavaScript to remove any disallowed characters from the input if the href is a tel link:

$wire->addHookAfter('ProcessPageEditLink::execute', function(HookEvent $event) {
	$event->return .= <<<EOT
<script>
$(document).ready(function() {
	$(document).on('blur', '#link_page_url_input', function() {
		var href = $(this).val();
		// If the href is a tel link
		if(href.startsWith('tel:')) {
			// Remove any disallowed characters
			href = href.replaceAll(' ', '').replaceAll('(', '').replaceAll(')', '');
			$(this).val(href).trigger('change');
		}
	});
});
</script>
EOT;
});

 

[DrQuincy]

Thanks @teppo, interesting to see that commit.

@Robin S Thank you, that works great!

I'm thinking I might change it so that instead of removing brackets it removes (0). My clients are UK-based and (0) is preceded by +44. If you have +440, this is technically invalid and won't always work.