Editors and iframes

I have done extensive research in this area as well - my code is used in production by 100,000 users, by another company. I personally always choose to go with direct contentEditable without an iframe. It makes things much easier.<p>However, what the author did not mention was security. My assumption as to why the company that uses my code, still uses it inside an iframe, is to prevent accidental XSS injection from when their user&#x27;s copy and paste content (sometimes with javascript embedded in it) into the editor. So be careful about that.<p>Another recommendation I have, is to NOT use execCommand.

I built a demo, for a rich text editor, for fastmail.fm. The editor is called Squire (<a href="http://neilj.github.io/Squire/" rel="nofollow">http:&#x2F;&#x2F;neilj.github.io&#x2F;Squire&#x2F;</a>) and designed for essays, emails, longforms ect. Squire uses contenteditable within an iframe. However, the editor replaces all the functionality of content editable to create a higher level of compatibility across browsers.<p>Thanks for your article, I really enjoyed it. Matt (<a href="http://www.matthewbordenweb.com/" rel="nofollow">http:&#x2F;&#x2F;www.matthewbordenweb.com&#x2F;</a>)

I wonder what he thinks of eg, <a href="https://medium.com/medium-eng/why-contenteditable-is-terrible-122d8a40e480" rel="nofollow">https:&#x2F;&#x2F;medium.com&#x2F;medium-eng&#x2F;why-contenteditable-is-terribl...</a>

I couldn&#x27;t find any good editor without iframe which provides delta save + content versioning. So I built one - Smalleditor (<a href="http://jdkanani.github.io/smalleditor" rel="nofollow">http:&#x2F;&#x2F;jdkanani.github.io&#x2F;smalleditor</a>) - it is similar to Medium&#x27;s editor but with contenteditable.

&gt; The most discussed benefit of iframes is separation from other styles and scripts on the web page.<p>I would love to hear your plans to overcome this as it is pretty much a hard requirement for any editor integration.<p>I have run into this and was quite hopeful about &lt;style scoped&gt; but browser support leaves much to be desired.

I got to choose which text editor we implemented in a large project a while ago and we ended with Quill, because of its easy customisation and contained feature set. The latter was a bonus for us, as we had to do much less checking for users adding breaking code to the page.<p>I do not envy rich text editor authors one bit. Even implementing them has an unreasonable amount of gotcha&#x27;s when you dive into getting your page and the iframe&#x2F;editor to communicate effectively.

I&#x27;m looking for a simple text editor for a side project. I hacked something together with contenteditable, but am quite frustrated with it for various reasons.<p>Recommendation for a simple text editor that doesn&#x27;t get in the user&#x27;s way?

I wished there was a good RTE implementation that supported custom classes but still worked with undo&#x2F;redo like content-editable.

And... Yet another website that refuses to display plain text without JS. Progressive enhancement. It&#x27;s not rocket science.