As long as you're using the latest caja, this scheme should work fine. Of course if you're using a different version of caja, there'll be version skew issues if you're hard linking to the latest html-sanitizer. That said, html-sanitizer api and code has been pretty stable for the last year.
Jasvir On Fri, Feb 12, 2010 at 12:40 PM, Pieter Maes -- Maescool <pie...@aslpage.be > wrote: > > yep.. i can fetch it.. > and i found the code you just pasted.. so it's there.. > maybe i need to clean a cache? > you guys just can test with the osda app > http://osda.appspot.com/gadget/osda-0.8.xml > > Paul Lindner schreef: > > Since PHP doesn't have the caja jar in the classpath the res:// URL is > > converted into an http URL > > > > // Make html-santitization work see SHINDIG-346 > > if ($content == > > 'res://com/google/caja/plugin/html-sanitizer-minified.js') { > > $content= ' > > > http://google-caja.googlecode.com/svn/trunk/src/com/google/caja/plugin/html-sanitizer.js > > '; > > } > > > > Are you able to fetch that URL from the host where you're running PHP > > shindig? > > > > > > > > 2010/2/11 ๏̯͡๏ Jasvir Nagra <jas...@google.com> > > > > > >> It ought to be fetched by maven and stashed in your maven > >> cache ~/.m2/repository/caja/caja/r3950/caja-r3950.jar where 3950 is the > >> version of caja its pulling. I am not sure how the php version unpacks > this > >> file to get at html-sanitizer.js > >> > >> On Thu, Feb 11, 2010 at 4:20 PM, Pieter Maes -- Maescool < > >> pie...@aslpage.be> wrote: > >> > >> > >>> Ok.. i updated the feature.xml but still nothing > >>> Also, i use the php installiation > >>> i have been looking arround for the jar, but i don't see it? > >>> > >>> > >>> > >>> > >>> John Hjelmstad schreef: > >>> > >>> Sounds good Pieter - be sure to check whatever Caja JAR is imported for > >>> files similarly named (jar tf caja.jar | grep -i html | grep -i > sanitize) in > >>> case there's just a renaming issue. > >>> > >>> --j > >>> > >>> On Thu, Feb 11, 2010 at 3:02 PM, Pieter Maes -- Maescool < > >>> pie...@aslpage.be> wrote: > >>> > >>> > >>>> Hi John, > >>>> > >>>> Thanks for the hint! > >>>> the beta5 does not contain it, it is in the trunk ;) > >>>> i'll copy the core/featrue.xml from the trunk to my installation :) > >>>> Maybe it should get in beta6 cause else osda doesn't work > >>>> > >>>> > >>>> > >>>> John Hjelmstad schreef: > >>>> > >>>> Hi Pieter: > >>>> > >>>> I don't recall what exactly made it to BETA5, but this comes from a > Caja > >>>> file dependency in the "core" JS feature. > >>>> > >>>> From core/feature.xml: > >>>> <gadget> > >>>> <!-- for html_sanitize --> > >>>> <script > >>>> > src="res://com/google/caja/plugin/html-sanitizer-minified.js"></script> > >>>> </gadget> > >>>> > >>>> Hope this helps you track the particulars down. > >>>> > >>>> --j > >>>> > >>>> On Thu, Feb 11, 2010 at 2:22 PM, Pieter Maes -- Maescool< > pie...@aslpage.be> <pie...@aslpage.be>wrote: > >>>> > >>>> > >>>> > >>>> Hi, > >>>> > >>>> When testing the beta5 release (from the tags in svn) i stumbled upon > >>>> this error > >>>> When grepping where it was used > >>>> features/src/main/javascript/features/tabs/tabs.js: tab.td_.innerHTML > = > >>>> html_sanitize(tabName); > >>>> features/src/main/javascript/features/minimessage/minimessage.js: > >>>> td.innerHTML = html_sanitize(message); > >>>> > >>>> But it was nowhere defined?! > >>>> > >>>> it has been inserted after the 1.0.0 release (according to what i > see). > >>>> > >>>> Thanks > >>>> > >>>> -- > >>>> Pieter Maes > >>>> > >>>> > >>>> > >>>> > >>>> > > > > >
