Uploaded image for project: 'Blesta Core'
  1. Blesta Core
  2. CORE-2427

Look into possible issue with allowing plugin action query parameters

    Details

    • Type: Task
    • Status: Closed
    • Priority: Major
    • Resolution: Won't Fix
    • Affects Version/s: None
    • Fix Version/s: 4.1.0-b2
    • Component/s: Plugins
    • Labels:
      None

      Description

      See https://www.blesta.com/forums/index.php?/topic/9306-registering-plugin-action-widget_client_home/

      I believe Blesta's expectation is that the plugin action contain a URI without query arguments. In some cases, Blesta may set it's own query arguments, and this can cause a conflict. Nonetheless we should look into why the error occurs and

      1. figure out why the issue occurs and update this task
      2. update the Blesta documentation to illustrate this expected restriction
      3. see if this restriction could be alleviated in the future to allow for query parameters (and if so, create a separate task)

        Issue Links

          Activity

          tyson Tyson Phillips (Inactive) created issue -
          tyson Tyson Phillips (Inactive) made changes -
          Field Original Value New Value
          Rank Ranked higher
          tyson Tyson Phillips (Inactive) made changes -
          Sprint 4.1.0 Sprint 6 [ 43 ]
          tyson Tyson Phillips (Inactive) made changes -
          Rank Ranked higher
          jonathan Jonathan Reissmueller made changes -
          Assignee Jonathan Reissmueller [ jonathan ]
          jonathan Jonathan Reissmueller made changes -
          Assignee Jonathan Reissmueller [ jonathan ]
          jonathan Jonathan Reissmueller made changes -
          Assignee Jonathan Reissmueller [ jonathan ]
          Hide
          jonathan Jonathan Reissmueller added a comment -

          client_controller.php lines 98-101:

          $key = str_replace('/', '_', trim($plugin->uri, '/'));
          $widgets[$key] = [
              'uri' => $this->base_uri . $plugin->uri
          ];
          

          This key is later used in jquery-client-4.1.0.js line 113:

          $('#widget_container_' + this.widget_id).replaceWith(temp);
          

          This is where the error occurs because the the process for forming the key allows characters that are not legal for the jquery expression.

          Show
          jonathan Jonathan Reissmueller added a comment - client_controller.php lines 98-101: $key = str_replace('/', '_', trim($plugin->uri, '/')); $widgets[$key] = [ 'uri' => $ this ->base_uri . $plugin->uri ]; This key is later used in jquery-client-4.1.0.js line 113: $('#widget_container_' + this .widget_id).replaceWith(temp); This is where the error occurs because the the process for forming the key allows characters that are not legal for the jquery expression.
          Hide
          tyson Tyson Phillips (Inactive) added a comment -

          It would be the same for the admin widgets too then. I think you should update the documentation, where appropriate, to note that the URI should be only the path (relative to the base URI) that does not include any query or fragments. See https://en.wikipedia.org/wiki/Uniform_Resource_Identifier#Examples

          Show
          tyson Tyson Phillips (Inactive) added a comment - It would be the same for the admin widgets too then. I think you should update the documentation, where appropriate, to note that the URI should be only the path (relative to the base URI) that does not include any query or fragments . See https://en.wikipedia.org/wiki/Uniform_Resource_Identifier#Examples
          Hide
          jonathan Jonathan Reissmueller added a comment -

          Done. As for solutions, anything that limits the keys to characters that are valid in the jquery identifier should work fine. Hashing it was suggested in the forum post. You could also probably use a preg_replace to take care of non-valid characters.

          Show
          jonathan Jonathan Reissmueller added a comment - Done. As for solutions, anything that limits the keys to characters that are valid in the jquery identifier should work fine. Hashing it was suggested in the forum post. You could also probably use a preg_replace to take care of non-valid characters.
          Hide
          tyson Tyson Phillips (Inactive) added a comment -

          Hashing it would probably work. Doing string replacements could cause collisions. Create a task to convert the ID to a hash for this purpose.

          Show
          tyson Tyson Phillips (Inactive) added a comment - Hashing it would probably work. Doing string replacements could cause collisions. Create a task to convert the ID to a hash for this purpose.
          tyson Tyson Phillips (Inactive) made changes -
          Status Open [ 1 ] Closed [ 6 ]
          Resolution Won't Fix [ 2 ]
          jonathan Jonathan Reissmueller made changes -
          Link This issue relates to CORE-2439 [ CORE-2439 ]

            People

            • Assignee:
              jonathan Jonathan Reissmueller
              Reporter:
              tyson Tyson Phillips (Inactive)
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Fix Release Date:
                7/Aug/17

                Agile