Uploaded image for project: 'JSPWiki'
  1. JSPWiki
  2. JSPWIKI-1130

Preview doesn't handle embedded JavaScript correctly

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Minor
    • Resolution: Unresolved
    • 2.11.0-M6
    • None
    • Editors
    • None

    Description

      If "jspwiki.translatorReader.allowHTML = true", JavaScript can be inserted into a page and executed like this:

      [

      {If page='SandBox' exists='true' <script language="javascript">document.writeln("<b>User Agent: </b>" + navigator.userAgent);</script>}

      ]

      However, if preview is turned on during editing, executing the JavaScript interferes with the editor, replacing the editor page with the output of the code execution. I'm not sure whether it's possible to fix this while still trying to execute JavaScript. If not, disabling JavaScript during preview seems fine.

      https://jspwiki-wiki.apache.org/Wiki.jsp?page=TESTEST also shows this.

      Attachments

        Activity

          People

            Unassigned Unassigned
            udittmer Ulf Dittmer
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated: