You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@wicket.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2016/11/25 15:06:58 UTC
[jira] [Commented] (WICKET-6289) Autolinking adds onclick attribute
to ![]()
tags
[ https://issues.apache.org/jira/browse/WICKET-6289?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15696063#comment-15696063 ]
ASF GitHub Bot commented on WICKET-6289:
----------------------------------------
GitHub user duesenklipper opened a pull request:
https://github.com/apache/wicket/pull/196
WICKET-6289 fix autolinker so it does not generate an onclick attribu…
…te for img tags
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/duesenklipper/wicket wicket-8.x/WICKET-6289-autolinker-onclick-fix
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/wicket/pull/196.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #196
----
commit ba0f578f53b158ff375e7de6dd7097c7ff93ac79
Author: Carl-Eric Menzel <cm...@apache.org>
Date: 2016-11-25T14:16:31Z
WICKET-6289 fix autolinker so it does not generate an onclick attribute for img tags
----
> Autolinking adds onclick attribute to <img> tags
> ------------------------------------------------
>
> Key: WICKET-6289
> URL: https://issues.apache.org/jira/browse/WICKET-6289
> Project: Wicket
> Issue Type: Bug
> Affects Versions: 7.4.0, 8.0.0-M2, 6.25.0, 1.5.17
> Reporter: Carl-Eric Menzel
> Assignee: Carl-Eric Menzel
>
> When the autolinker can't find the target of a src or href attribute, it falls back to a default autocomponent, that supposedly leaves the tag unchanged. Quoting AutolinkResolver:
> {code}
> if (autoComponent == null)
> {
> // resolving didn't have the desired result or there was no delegate
> // found; fallback on the default resolving which is a simple
> // component that leaves the tag unchanged
> autoComponent = new AutolinkExternalLink(componentId, pathInfo.reference);
> }
> {code}
> ...except that AutolinkExternalLink is an ExternalLink which is an AbstractLink which does change the original tag. Namely, when applied to something that is not <a> it adds an onclick attribute. This leads to something like the following:
> {code}
> <img src="does-not-exist.png" onclick="window.location.href='does-not-exist.png';return false;"/>
> {code}
> ...which is clearly nonsensical. This can happen when the referenced image is not in the classpath - it could either be missing, or it could be in the webapp root somewhere, which can be the case for some legacy applications. (This is how I came across this.)
> A simple fix appears to be to use a plain WebMarkupContainer in place of this particular AutolinkExternalLink. All tests pass when I do that.
> This affects all versions from 1.5 on upward. I'll prepare a pull request.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)