diff --git a/public/static/plugs/ckeditor/config.js b/public/static/plugs/ckeditor/config.js
index 6111afdd12..803575ef25 100644
--- a/public/static/plugs/ckeditor/config.js
+++ b/public/static/plugs/ckeditor/config.js
@@ -8,11 +8,13 @@ CKEDITOR.editorConfig = function (config) {
         {name: 'uimage', items: ['Link', 'Unlink', 'Table', 'UploadImage', 'UploadMusic', 'UploadVideo', 'UploadHtml']},
         {name: 'tools', items: ['Maximize']}
     ];
-    config.allowedContent = true;
     config.format_tags = 'p;h1;h2;h3;pre';
     config.extraPlugins = 'uimage,umusic,uhtml,uvideo';
     config.removeButtons = 'Underline,Subscript,Superscript';
     config.removeDialogTabs = 'image:advanced;link:advanced';
+    // 内容过滤
+    config.allowedContent = {$1: {elements: CKEDITOR.dtd, attributes: true, styles: true, classes: true}};
+    config.disallowedContent = 'script; *[on*]';
     config.font_names = '微软雅黑/Microsoft YaHei;宋体/SimSun;新宋体/NSimSun;仿宋/FangSong;楷体/KaiTi;黑体/SimHei;' + config.font_names;
 };