[
https://issues.apache.org/jira/browse/WOOKIE-64?page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#action_10955
]
Scott Wilson logged work on WOOKIE-64:
--------------------------------------
Author: Scott Wilson
Created on: 04/Dec/09 10:22 AM
Start Date: 04/Dec/09 10:21 AM
Worklog Time Spent: 1h
Work Description: I've committed a partial fix using CDATA sections;
there are still some errors when using inline styles as - contrary to the
documentation for HTMLCleaner - these don't seem to be similarly protected by
the same measure.
Issue Time Tracking
-------------------
Time Spent: 3h (was: 2h)
Remaining Estimate: 0h (was: 1h)
> Wookie rewrites HTML start file incorrectly when injecting JavaScript:
> incorrectly encodes inline scripts
> ---------------------------------------------------------------------------------------------------------
>
> Key: WOOKIE-64
> URL: https://issues.apache.org/jira/browse/WOOKIE-64
> Project: Wookie
> Issue Type: Bug
> Components: Server
> Reporter: Scott Wilson
> Priority: Blocker
> Fix For: 0.8.1
>
> Original Estimate: 2h
> Time Spent: 3h
> Remaining Estimate: 0h
>
> When a widget package is uploaded into Wookie, the start file is injected
> with Wookie javascripts using HTMLCleaner.
> However, where a widget start file already includes inline JavaScript, the
> output is entity encoded; e.g.:
> if( window.widget.preferences["test1"] == "pass1" &&
> Becomes:
> if( window.widget.preferences["test1"] ==
> "pass1" &&
> This breaks a lot of scripts.
> To test, use any of the test widgets at:
> http://dev.w3.org/2006/waf/widgets-api/test-suite/
> This is probably best tackled in conjunction with WOOKIE-42
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
