[JS2-1063] PortletWindow desktop widget fails to render portlet content when the content has script tag with src attribute pointing a url of different domain. - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 2.2.0
Fix Version/s: 2.2.1
Component/s: Desktop
Labels:
None

Description

PortletWindow widget (/javascript/jetspeed/widget/PortletWindow.src.js) tries to retrieve script source which can be embedded in the script tag or retrieved from the remote url which is set in "src" attribute to "fix" some script sources (such as attaching events or document.write stuff) by proper dojo functions.
The "_fixScripts" function in PortletWindow.src.js replaces some problematic script codes which can screw up desktop page.
For example,
(addEventListener|attachEvent) -->
jetspeed.postload_(addEventListener|attachEvent),
(document.write|document.writeln) --> jetspeed.postload_docwrite
(location.href) --> jetspeed.setdoclocation.
However, because it fails to retrieve script sources from different domain urls for security reasons, it fails to render the portlet content.

Attachments

Activity

People

Assignee:: Woonsan Ko

Reporter:: Woonsan Ko

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 10/Sep/09 10:37

Updated:: 04/Oct/11 21:04

Resolved:: 17/Sep/09 10:52