Uploaded image for project: 'Blesta Core'
  1. Blesta Core
  2. CORE-2427

Look into possible issue with allowing plugin action query parameters

        Details

        • Type: Task
        • Status: Closed
        • Priority: Major
        • Resolution: Won't Fix
        • Affects Version/s: None
        • Fix Version/s: 4.1.0-b2
        • Component/s: Plugins
        • Labels:
          None

          Description

          See https://www.blesta.com/forums/index.php?/topic/9306-registering-plugin-action-widget_client_home/

          I believe Blesta's expectation is that the plugin action contain a URI without query arguments. In some cases, Blesta may set it's own query arguments, and this can cause a conflict. Nonetheless we should look into why the error occurs and

          1. figure out why the issue occurs and update this task
          2. update the Blesta documentation to illustrate this expected restriction
          3. see if this restriction could be alleviated in the future to allow for query parameters (and if so, create a separate task)

            Issue Links

            relates to

            Improvement - An improvement or enhancement to an existing feature or task. CORE-2439 Allow query parameters for plugin actions

            • Major - Major loss of function.
            • Closed

              Activity

              Ascending order - Click to sort in descending order
              Hide
              Permalink
              jonathan Jonathan Reissmueller added a comment -

              client_controller.php lines 98-101:

              $key = str_replace('/', '_', trim($plugin->uri, '/'));
$widgets[$key] = [
    'uri' => $this->base_uri . $plugin->uri
];

              This key is later used in jquery-client-4.1.0.js line 113:

              $('#widget_container_' + this.widget_id).replaceWith(temp);

              This is where the error occurs because the the process for forming the key allows characters that are not legal for the jquery expression.

              Show
              jonathan Jonathan Reissmueller added a comment - client_controller.php lines 98-101: $key = str_replace('/', '_', trim($plugin->uri, '/')); $widgets[$key] = [ 'uri' => $ this ->base_uri . $plugin->uri ]; This key is later used in jquery-client-4.1.0.js line 113: $('#widget_container_' + this .widget_id).replaceWith(temp); This is where the error occurs because the the process for forming the key allows characters that are not legal for the jquery expression.
              Hide
              Permalink
              tyson Tyson Phillips (Inactive) added a comment -

              It would be the same for the admin widgets too then. I think you should update the documentation, where appropriate, to note that the URI should be only the path (relative to the base URI) that does not include any query or fragments. See https://en.wikipedia.org/wiki/Uniform_Resource_Identifier#Examples

              Show
              tyson Tyson Phillips (Inactive) added a comment - It would be the same for the admin widgets too then. I think you should update the documentation, where appropriate, to note that the URI should be only the path (relative to the base URI) that does not include any query or fragments . See https://en.wikipedia.org/wiki/Uniform_Resource_Identifier#Examples
              Hide
              Permalink
              jonathan Jonathan Reissmueller added a comment -

              Done. As for solutions, anything that limits the keys to characters that are valid in the jquery identifier should work fine. Hashing it was suggested in the forum post. You could also probably use a preg_replace to take care of non-valid characters.

              Show
              jonathan Jonathan Reissmueller added a comment - Done. As for solutions, anything that limits the keys to characters that are valid in the jquery identifier should work fine. Hashing it was suggested in the forum post. You could also probably use a preg_replace to take care of non-valid characters.
              Hide
              Permalink
              tyson Tyson Phillips (Inactive) added a comment -

              Hashing it would probably work. Doing string replacements could cause collisions. Create a task to convert the ID to a hash for this purpose.

              Show
              tyson Tyson Phillips (Inactive) added a comment - Hashing it would probably work. Doing string replacements could cause collisions. Create a task to convert the ID to a hash for this purpose.

                People

                • Assignee:
                  jonathan Jonathan Reissmueller
                  Reporter:
                  tyson Tyson Phillips (Inactive)
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  2 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved:
                    Fix Release Date:
                    7/Aug/17

                    Agile