Page tree
Skip to end of metadata
Go to start of metadata
Introduction to this page

The Third Light Browser Drupal Module provides a plugin for the popular CKEditor rich-text editing module for Drupal 8.  It allows CKEditor users to locate files on a Third Light Chorus site using the Third Light Browser plugin, and embed them into pages.

This plugin was tested against Drupal v8.5.2. If you use it with a later build, please let us know the result so we can update our records. Thank you!


  1. Download the plugin from
  2. Unpack the ZIP file into the modules directory on your Drupal 8 system.
  3. Alternatively, from the 'Manage' menu in Drupal 8, click the “Extend Tab” and then the “Install new module” button. Next, browse to the you downloaded in step 1 and install. 
  4. Go to the 'Extend' page in your site's Drupal administration.
    1. Ensure the CKEditor module is installed and enabled - see for details of how to do this.
    2. Enable the Third Light Browser module under the Manage > Extend > Content Authoring section.
  5. Review configuration permissions in the Manage > People > Permissions section.
  6. Go to the Configuration > Content Authoring > Text Formats and Editor page; For each profile, click 'Configure' to:
    1. Drag the Third Light plugin to your CKEditor toolbar as illustrated in Fig 1. below (Manage > Configuration > Content Authoring > Text Formats and Editors > Configure).  
    2. Ensure that in the 'Enabled filters' section, 'Restrict images to this site' is NOT checked.  If 'Limit allowed HTML tags' is checked, ensure that at a minimum, "<img src height width>" is allowed in the "Filter settings > Allowed HTML Tags" section - See Fig 2 below.
    3. Select 'Filtered HTML'.
    4. Go to the 'Filter Settings' section and click the tab named 'Limit allowed HTML tags'.
    5. Add <img> to the end of the list.
  7. Go to the Third Light Browser module configuration page.
  8. Click "Edit Settings", and enter your Third Light Site address.
  9. To post content to your Drupal Site from Chorus, click the Third Light Browser icon in the toolbar - See Fig 3 below.
Fig 1.


Fig 2.


Fig 3.

Additional options

The following basic options are available:

  • Show file revisions - Enable the display of other versions of files inside the browser (where the user has permission)
  • Display metadata - Enable the display of metadata inside the browser
  • Choose a skin - You can choose between the "Light", "Dark" and "Blue" themes, which affect the appearance of the browser.
  • Title for inserted images - Optionally set the 'title' text for images inserted using the plugin based on the metadata of the selected file.

In addition, if a valid API key is specified, you can choose to log users in to Chorus automatically, based on their username or e-mail address.

Output formats

You can configure the output options displayed in the Third Light Browser by editing, adding or removing output formats from the module configuration page.

For each size, you can specify:

  • Name - used to identify the output option inside the CMS browser
  • Width - desired width (in pixels) of the output format
  • Height - desired height (in pixels) of the output format
  • Format - image file format to use
  • CSS Class - optional default CSS class to add to images inserted using this output format.


Using the Drupal role-based permissions system you can grant roles the right to use or administer the Third Light Browser module.

By default only Administrators can use the tool, or change module settings.

Chorus user accounts that you intend to use with the Third Light Browser module will need to have the right to publish files.

Chorus Authentication

By default, when a user launches the Third Light Browser, they will be prompted to log in (unless they have already logged in to Chorus in the same browser session).

If a valid API key is specified, you can enable automatic log-in based on the Drupal username or e-mail address.

When configured, the Drupal module makes a server-to-server query to the Chorus API, authenticated by the API key supplied, to try to find a user in Chorus with the same username or e-mail address (depending on the option chosen). If such a user is found, the Drupal module retrieves an authenticated token for them, and passes it in to the Third Light Browser. This bypasses the username and password login that would otherwise be presented.

If the Drupal module cannot find such a user in Chorus, the Third Light Browser tool is not enabled in the CKEditor toolbar.

Security Considerations

  • If your Third Light Chorus site and Drupal site connect to each other over the internet and you are using the API key, you must configure an SSL certificate and use https:// for the Third Light site address. All Chorus sites use HTTPS by default.
  • If using automatic log-in, you should ensure that automatic user registration in Drupal does not allow users to access the Third Light Browser without verification of their e-mail address or username. For example, you could not grant the automatically assigned role permission to use the Third Light Browser (See Permissions, above).

You are here: