// 28.Apr.2009

Fixing WYSIWYG Web Editors

In The Sorry State of WYSIWYG Web Editors, Mike Davidson bemoans the fact that the current crop of web-based WYSIWYG editors are all, in some way, broken — and I agree with him. Now don't get me wrong, editors such as TinyMCE, YUI and FCKeditor are the result of considerable programming effort and ingenuity and each has its own unique selling points. Yet, despite representing the current state-of-the-art, these editors each suffer from various flaws and I wouldn't wish any of them on an inexperienced user… because, at the end of the day, they are all kludges!

WYSIWYG editing should be a function of the web-browser - not the web-page!

The purpose of a web WYSIWYG editor is a simple one: to provide the user with a graphical environment for composition, then produce valid, standards-compliant (X)HTML source code representing that composition. It sounds so very simple doesn't it?

Unfortunately (X)HTML  doesn't provide any mechanism for WYSIWYG editing. Why would it? It's a layout language, nothing more. (X)HTML does provide a textarea tag, which supports a multi-line text input field capable of accepting unlimited characters. In the early days of the Web textarea was all that was needed - we had no web-based applications and thus no need of WYSIWYG editing.

But today things are very different. So some bright spark came up with the idea of hacking the textarea, transforming it into a fully-featured graphical WYSIWYG editor with sophisticated client-side JavaScript. This hack achieved critical mass and the WYSIWYG editors we use all over the web today are almost all based on this methodology. But underneath the glitter and window dressing there remains the humble textarea, a (X)HTML widget that was never designed to be the editing interface of a CMS or weblog and the cracks are visible to almost everyone who uses such editors:

  • They often produce mangled (X)HTML
  • Copy and paste from external sources (especially Microsoft Word) is unpredictable
  • They don't work at all if JavaScript is disabled in the browser
  • They don't work in some browsers even if JavaScript is enabled
  • Undo/redo is often flaky
  • Their interface is almost always non-native to the host OS

I once wrote a CMS. I built my composition interface around WysiwygPro, a commercial editor which seemed to me at the time to be among the very best of its ilk. I vividly remember the disproportionate effort I had to invest in coding around the limitations of the editor. I understand from Mike Davidson's article that the WordPress programmers have to do a "crazy amount of ridiculous cleaning, converting, regexing, transforming, and other shenanigans" to get a usable output from their editor

In my opinion, these WYSIWYG editors will never be as good as we need them to be. They can never be industrial strength because they will always remain hacks.

But it needn't be this way. Let's think about my earlier proclamation: WYSIWYG editing should be a function of the web-browser - not the web-page! If the web-browser itself provided a WYSIWYG option for every textarea on a web-page how would that change things?

Well for a start, we'd have a user interface that would be consistent with our OS/browser of choice and that'd be a real big win right there. JavaScript would no longer be a requirement. Undo/redo should work perfectly, as should copy and paste. With no relevant JavaScript libraries to download, our CMSs would feel faster too.

As a function of the browser, the WYSIWYG editor should just work. And, of course, the output produced should be perfectly formed, valid and compliant with whatever standards the user would configure in the browser's preferences.

Your web-browser could provide this functionality without breaking anything that's already out there. WYSIWYG as a function of the browser would require no changes to the HTML specifications, no redesign of websites, no adjustment to web-servers and, as far as I can see, absolutely no downside.

The Web is here to stay, of that there can be no doubt. It's also going to continue to evolve. As we continue to move more and more applications that were previously the domain of the desktop computer onto the Internet, so our need for WYSIWYG editing will increase. We need this functionality today, we're going to need it even more tomorrow.

It's time to stop hacking the textarea with JavaScript - it's time to start petitioning the producers of web-browsers to incorporate WYSIWYG editing into their products.

Who's with me?

Last Revision: April 28th, 2009 at 21:42

4 Comments for “Fixing WYSIWYG Web Editors”

  1. I couldn’t agree more. The cut and paste functionality from MS Word is a big one for me. It’s a great idea building this feature into web browsers. Web 2.0 should demand it!

  2. It certainly makes sense to me Rod. Of course web-designers and the programmers of JavaScript WYSIWYG editors can’t be blamed for the idiosyncrasies of MS Word - but neither can the non-technical user be blamed for being stumped when trying to perform a paste from Word into their CMS.

    Something definitely needs to be done.

  3. We are a web design and development company. A few of our client sites are being hacked repeatedly, somehow hackers modify the .htaccess file and stop website from working properly. We have been studying about website security and hacking and we did several things to stop it but have failed.

    After reading your article about WYSIWYG editors I am convinced that hackers crack into the website from these editors we are using. We are removing these editors for this time and placing simple text areas.

    I agree and I am with you to support the cause of WYSIWYG editing through web browsers and not web sites. I was wondring, may be thats why WIKI use its own syntax to edit the pages, and they don’t use WYSIWYG editors or HTML language.

    Thank you for sharing your thoughts and giving us an insight about WYSIWYG editors.

  4. @Muhammad: I haven’t heard of any website being hacked via a WYSIWYG web-editor, although that’s not to say that it’s not happening. However, if someone’s managing to get access to your .htaccess files then I think you have bigger security issues to look at. It might be worth you having a thorough security review of your web-servers.