As long as you're using the latest caja, this scheme should work fine. Of
course if you're using a different version of caja, there'll be version skew
issues if you're hard linking to the latest html-sanitizer. That said,
html-sanitizer api and code has been pretty stable for the last year.
Jasv
yep.. i can fetch it..
and i found the code you just pasted.. so it's there..
maybe i need to clean a cache?
you guys just can test with the osda app
http://osda.appspot.com/gadget/osda-0.8.xml
Paul Lindner schreef:
> Since PHP doesn't have the caja jar in the classpath the res:// URL is
> conver
Since PHP doesn't have the caja jar in the classpath the res:// URL is
converted into an http URL
// Make html-santitization work see SHINDIG-346
if ($content ==
'res://com/google/caja/plugin/html-sanitizer-minified.js') {
$content= '
http://google-caja.googlecode.com/svn
Maybe also catch error for decodeForm in line 497 and 591?
On Thu, Feb 11, 2010 at 4:57 PM, wrote:
> Reviewers: shindig.remailer_gmail.com,
>
> Description:
> Improves error handling for this case.
>
> Please review this at http://codereview.appspot.com/207074/show
>
> Affected files:
>
> java/
Thanks Paul; committed.
On Thu, Feb 11, 2010 at 5:03 PM, wrote:
> lgtm
>
>
>
> http://codereview.appspot.com/207074/show
>
lgtm
http://codereview.appspot.com/207074/show
Reviewers: shindig.remailer_gmail.com,
Description:
Improves error handling for this case.
Please review this at http://codereview.appspot.com/207074/show
Affected files:
java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthRequest.java
Index:
java/gadgets/src/main/java/org
Patch committed.
On Thu, Feb 11, 2010 at 4:49 PM, wrote:
> Merge code with the latest
>
>
> http://codereview.appspot.com/206057/show
>
It ought to be fetched by maven and stashed in your maven
cache ~/.m2/repository/caja/caja/r3950/caja-r3950.jar where 3950 is the
version of caja its pulling. I am not sure how the php version unpacks this
file to get at html-sanitizer.js
On Thu, Feb 11, 2010 at 4:20 PM, Pieter Maes -- Maescool
Ok.. i updated the feature.xml but still nothing
Also, i use the php installiation
i have been looking arround for the jar, but i don't see it?
John Hjelmstad schreef:
Sounds good Pieter - be sure to check whatever Caja JAR is
imported for files similarly named (jar tf caja.jar | grep -i h
Rietveld is giving me all sorts of problems, so I'll paste my comments here.
1. [extremely minor] Rename gmodules.com to apache.org or example.com in
tests.
2. Does the new HttpFetcher pipeline work when
StringUtils.isEmpty(uri.getScheme()) ie. for schemaless requests? I'd be
interested in a quick
Sounds good Pieter - be sure to check whatever Caja JAR is imported for
files similarly named (jar tf caja.jar | grep -i html | grep -i sanitize) in
case there's just a renaming issue.
--j
On Thu, Feb 11, 2010 at 3:02 PM, Pieter Maes -- Maescool
wrote:
> Hi John,
>
> Thanks for the hint!
> the
Hi John,
Thanks for the hint!
the beta5 does not contain it, it is in the trunk ;)
i'll copy the core/featrue.xml from the trunk to my installation :)
Maybe it should get in beta6 cause else osda doesn't work
John Hjelmstad schreef:
Hi Pieter:
I don't recall what exactly made it to BET
Hi Pieter:
I don't recall what exactly made it to BETA5, but this comes from a Caja
file dependency in the "core" JS feature.
>From core/feature.xml:
Hope this helps you track the particulars down.
--j
On Thu, Feb 11, 2010 at 2:22 PM, Pieter Maes -- Maescool
wrote:
> Hi,
>
> W
Hi,
When testing the beta5 release (from the tags in svn) i stumbled upon
this error
When grepping where it was used
features/src/main/javascript/features/tabs/tabs.js: tab.td_.innerHTML =
html_sanitize(tabName);
features/src/main/javascript/features/minimessage/minimessage.js:
td.innerHTML
On Thu, Feb 11, 2010 at 2:57 AM, wrote:
>
> http://codereview.appspot.com/207059/diff/1/14
> File
>
> java/gadgets/src/main/java/org/apache/shindig/gadgets/AbstractSpecFactory.java
> (right):
>
> http://codereview.appspot.com/207059/diff/1/14#newcode134
>
> java/gadgets/src/main/java/org/apache/s
Thanks for looking, Paul! I've committed this CL. Happy to accept
refinements over time.
On Thu, Feb 11, 2010 at 12:18 AM, wrote:
> logic seems fine to me.
>
>
>
> http://codereview.appspot.com/207060/show
>
Hi,
I was wondering if there will be also a production release version
ready? one where i just need to put in config, cert and my own modules?
without the tests and demo data?
Or a script which cleans it out?
just a small idea to improve security.
Thanks!
--
Pieter Maes
HI Robert,
I believe you can add optional request parameters "nocache=1" to the gadget
iframe url to force gadget rendering servlet to re-render the gadget.
- Henry
On Wed, Feb 10, 2010 at 6:39 PM, Robert Peterson
wrote:
> We've only been using Shindig for a couple days - if this is documented
Right now a container developer has to move a bunch of static files around
to inject container behavior into a page. I'd like to see the core and
samplecontainer pieces managed using the same JS infrastructure as the
iframe hosted JS. This means that we get minification, dependency
management, js
We've only been using Shindig for a couple days - if this is documented, my
apologies. We have a gadget we're working on that uses a lot of javascript
which is imported with script tags in the spec . We are constantly
changing the scripts as we develop and have found that when we use either
the def
Thanks for the reply Paul.
Based on what's in the mavenized-socialsite project, could you be more
concrete about what needs to be changed/fixed?
Regards,
Viggo
On Thu, Feb 11, 2010 at 8:56 AM, Paul Lindner wrote:
> It's possible that the containing page is not including osapi.js, which is
> pa
logic seems fine to me.
http://codereview.appspot.com/207060/show
23 matches
Mail list logo