[
https://issues.apache.org/jira/browse/WOOKIE-64?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12782680#action_12782680
]
Scott Wilson commented on WOOKIE-64:
------------------------------------
This works fine for scripts, but doesn't seem to do it for inline <style> tags,
which can have errors introduced from escaping even with
UseCdataForScriptAndStyle set to true.
> Wookie rewrites HTML start file incorrectly when injecting JavaScript:
> incorrectly encodes inline scripts
> ---------------------------------------------------------------------------------------------------------
>
> Key: WOOKIE-64
> URL: https://issues.apache.org/jira/browse/WOOKIE-64
> Project: Wookie
> Issue Type: Bug
> Components: Server
> Reporter: Scott Wilson
> Priority: Blocker
> Fix For: 0.8.1
>
> Original Estimate: 2h
> Remaining Estimate: 2h
>
> When a widget package is uploaded into Wookie, the start file is injected
> with Wookie javascripts using HTMLCleaner.
> However, where a widget start file already includes inline JavaScript, the
> output is entity encoded; e.g.:
> if( window.widget.preferences["test1"] == "pass1" &&
> Becomes:
> if( window.widget.preferences["test1"] ==
> "pass1" &&
> This breaks a lot of scripts.
> To test, use any of the test widgets at:
> http://dev.w3.org/2006/waf/widgets-api/test-suite/
> This is probably best tackled in conjunction with WOOKIE-42
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
