You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shindig.apache.org by "Chris Chabot (JIRA)" <ji...@apache.org> on 2008/08/26 18:12:44 UTC
[jira] Created: (SHINDIG-544) Making activity.title for restful
match the js apis
Making activity.title for restful match the js apis
----------------------------------------------------
Key: SHINDIG-544
URL: https://issues.apache.org/jira/browse/SHINDIG-544
Project: Shindig
Issue Type: Bug
Components: RESTful API (PHP)
Reporter: Chris Chabot
See http://groups.google.com/group/opensocial-and-gadgets-spec/browse_thread/thread/806e929140569d80?hl=en# for details
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SHINDIG-544) Making activity.title for restful
match the js apis
Posted by "impetus technologies (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-544?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12631691#action_12631691 ]
impetus technologies commented on SHINDIG-544:
----------------------------------------------
Hi Chris,
I've gone through portablecontacts/0.8.1 open social spec which says
ativity should look like :
{
"id" : "http://example.org/activities/example.org:87ead8dead6beef/self/af3778",
"title" : "<a href=\"foo\">some activity</a>",
....
....
....
}
and I tried SocialActivitiesWorld.xml gadget on my local Shindig installation and got response for getActivity like:
{
"title":"Sir Shin H. Digg Social Butterfly wrote: <a href='sss'>Test href<\/a>",
"body":"write back!",
"mediaItems":[{"type":"image","mimeType":"image","url":"http:\/\/cdn.davesdaily.com\/pictures\/784-awesome-hands.jpg"}],
"appId":"7317"
}
It seems that what is expacted from this issue is already in the place.
But one issue I noticed and tried to figure out a solution for that.
The issue is as per the portablecontacts/0.8.1 open social spec The title field is a string that may only have the following html tags: <b>, <i>, <a>, <span>.But when I tried <font face='xxx'>Hello</font> it was also processed by shindig,which is not correct.
one of the solutions to handle this can be striping html tags from "title" except <b>, <i>, <a>, <span> tags.I was thiniking of adding this code in ActivityHandler.php. what do you say?
> Making activity.title for restful match the js apis
> ----------------------------------------------------
>
> Key: SHINDIG-544
> URL: https://issues.apache.org/jira/browse/SHINDIG-544
> Project: Shindig
> Issue Type: Bug
> Components: RESTful API (PHP)
> Reporter: Chris Chabot
>
> See http://groups.google.com/group/opensocial-and-gadgets-spec/browse_thread/thread/806e929140569d80?hl=en# for details
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (SHINDIG-544) Making activity.title for restful
match the js apis
Posted by "impetus technologies (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-544?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
impetus technologies updated SHINDIG-544:
-----------------------------------------
Attachment: Activity.php.patch
Hi Chris,
Please review the patch attached for the same :-)
> Making activity.title for restful match the js apis
> ----------------------------------------------------
>
> Key: SHINDIG-544
> URL: https://issues.apache.org/jira/browse/SHINDIG-544
> Project: Shindig
> Issue Type: Bug
> Components: RESTful API (PHP)
> Reporter: Chris Chabot
> Attachments: Activity.php.patch
>
>
> See http://groups.google.com/group/opensocial-and-gadgets-spec/browse_thread/thread/806e929140569d80?hl=en# for details
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SHINDIG-544) Making activity.title for restful
match the js apis
Posted by "Chris Chabot (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-544?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12630192#action_12630192 ]
Chris Chabot commented on SHINDIG-544:
--------------------------------------
Hey Ram, i'm not entirely sure yet either, I haven't had the time to investigate yet (else it would've probably already been a closed issue:P)
I'd suggest taking a look at the portablecontacts/0.8.1 open social spec and match the activity output of shindig against it, and see if the formats match, if they differ, then you can modify the social-api/opensocial/model/Activity.php class to match the spec :)
> Making activity.title for restful match the js apis
> ----------------------------------------------------
>
> Key: SHINDIG-544
> URL: https://issues.apache.org/jira/browse/SHINDIG-544
> Project: Shindig
> Issue Type: Bug
> Components: RESTful API (PHP)
> Reporter: Chris Chabot
>
> See http://groups.google.com/group/opensocial-and-gadgets-spec/browse_thread/thread/806e929140569d80?hl=en# for details
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SHINDIG-544) Making activity.title for restful
match the js apis
Posted by "Chris Chabot (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-544?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12648946#action_12648946 ]
Chris Chabot commented on SHINDIG-544:
--------------------------------------
That sounds like the proper fix ... allowing just any html tag in the title is kind of ... bad :)
Lets add img tags to the allowed tag list too though, i know iLike is (ab)using that to support media items on any SNS.
> Making activity.title for restful match the js apis
> ----------------------------------------------------
>
> Key: SHINDIG-544
> URL: https://issues.apache.org/jira/browse/SHINDIG-544
> Project: Shindig
> Issue Type: Bug
> Components: RESTful API (PHP)
> Reporter: Chris Chabot
>
> See http://groups.google.com/group/opensocial-and-gadgets-spec/browse_thread/thread/806e929140569d80?hl=en# for details
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SHINDIG-544) Making activity.title for restful
match the js apis
Posted by "Ram Sharma (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-544?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12630194#action_12630194 ]
Ram Sharma commented on SHINDIG-544:
------------------------------------
Thanks Chris for your help :)
> Making activity.title for restful match the js apis
> ----------------------------------------------------
>
> Key: SHINDIG-544
> URL: https://issues.apache.org/jira/browse/SHINDIG-544
> Project: Shindig
> Issue Type: Bug
> Components: RESTful API (PHP)
> Reporter: Chris Chabot
>
> See http://groups.google.com/group/opensocial-and-gadgets-spec/browse_thread/thread/806e929140569d80?hl=en# for details
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Resolved: (SHINDIG-544) Making activity.title for restful
match the js apis
Posted by "Chris Chabot (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-544?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Chris Chabot resolved SHINDIG-544.
----------------------------------
Resolution: Fixed
Assignee: Chris Chabot
Lets try the native strip_tags() for now.
It's known to have a few small issues with embeded video tags and alike, but since we don't allow those in the title, that should be fine.
Also there is a small potential for attibute abuse (<a href="foo" onMouseOver="parent.location = 'http://bar.com'> type evil stuff), but regexes are also known for being less then safe in some situations (and considerably slower then the native solution).
If we do ever run into trouble, we can look at good alternatives
thanks for the patch ;)
> Making activity.title for restful match the js apis
> ----------------------------------------------------
>
> Key: SHINDIG-544
> URL: https://issues.apache.org/jira/browse/SHINDIG-544
> Project: Shindig
> Issue Type: Bug
> Components: RESTful API (PHP)
> Reporter: Chris Chabot
> Assignee: Chris Chabot
> Attachments: Activity.php.patch
>
>
> See http://groups.google.com/group/opensocial-and-gadgets-spec/browse_thread/thread/806e929140569d80?hl=en# for details
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SHINDIG-544) Making activity.title for restful
match the js apis
Posted by "Ram Sharma (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-544?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12630175#action_12630175 ]
Ram Sharma commented on SHINDIG-544:
------------------------------------
Hi Chris,
It might not sound very logical to ask this, But I didn't get any clue to solve this. Can you give me some pointers to find out more details about this issue.
> Making activity.title for restful match the js apis
> ----------------------------------------------------
>
> Key: SHINDIG-544
> URL: https://issues.apache.org/jira/browse/SHINDIG-544
> Project: Shindig
> Issue Type: Bug
> Components: RESTful API (PHP)
> Reporter: Chris Chabot
>
> See http://groups.google.com/group/opensocial-and-gadgets-spec/browse_thread/thread/806e929140569d80?hl=en# for details
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.