Details
-
Bug
-
Status: Closed
-
Resolution: Fixed
-
7.0.X EE, Master
-
7.0.x
-
Committed
-
4
Description
Steps to Reproduce
- Add an entry to your system's hosts file for abc.com that points to your local server.
- Create a portal-ext.properties file with at least the following properties:
redirect.url.ips.allowed= cdn.host.http=http://abc.com:8080/ cdn.dynamic.resources.enabled=false
- Startup Liferay and visit http://localhost:8080/
Expected behavior is that there are no errors in the Javascript console. Actual behavior is there are errors in the Javascript console due to the SVGs being created with an xlink:href pointing to the CDN URL, which is not allowed. See this comment on svg4everybody for more information.
https://github.com/jonathantneal/svg4everybody/issues/16#issuecomment-225315731
Potential Problematic Files
Running a grep against the source code for xlink:href reveals the following places that need to be updated and tested:
git ls-files | grep -F '.java' | tr '\n' '\0' | xargs -0 grep -Fl 'xlink:href'
- util-taglib/src/com/liferay/taglib/aui/ATag.java
- util-taglib/src/com/liferay/taglib/aui/IconTag.java
git ls-files | grep -F '.js' | tr '\n' '\0' | xargs -0 grep -Fl 'xlink:href' | grep -vF '.task-cache'
- modules/apps/forms-and-workflow/dynamic-data-mapping/dynamic-data-mapping-type-text-localizable/src/main/resources/META-INF/resources/text_localizable.soy.js
- modules/apps/foundation/frontend-js/frontend-js-web/src/main/resources/META-INF/resources/liferay/alert.js
- modules/apps/foundation/frontend-js/frontend-js-web/src/main/resources/META-INF/resources/liferay/fullscreen_source_editor.js
- modules/apps/foundation/frontend-js/frontend-js-web/src/main/resources/META-INF/resources/liferay/upload.js
- modules/apps/foundation/frontend-js/frontend-js-web/src/main/resources/META-INF/resources/liferay/util.js
- modules/apps/foundation/frontend-js/frontend-js-web/src/main/resources/META-INF/resources/liferay/util_window.js
- modules/apps/foundation/frontend-taglib/frontend-taglib/src/main/resources/META-INF/resources/diff_version_comparator/js/diff_version_comparator.js
- modules/apps/marketplace/marketplace-app-manager-web/src/main/resources/META-INF/resources/icon.jsp
Attachments
Issue Links
- relates
-
LPS-72903 Lexicon icons.svg missing Access-Control-Allow-Origin header
- Closed