You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shindig.apache.org by Marshall Shi <sh...@cn.ibm.com> on 2012/12/27 03:30:11 UTC
Re: Review Request: dynamic-size feature implemenation is weak and vulnerable
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/8222/
-----------------------------------------------------------
(Updated Dec. 27, 2012, 2:30 a.m.)
Review request for shindig, Ryan Baxter, Dan Dumont, Stanton Sievers, and Rich Thompson.
Description
-------
getElementComputedStyle implementation is weak in features/src/main/javascript/features/dynamic-size.util/dynamic-size-util.js.
The gadgets.window.getDimen is easily run into a null 'size' variable and cause the following code to get its length fail.
This addresses bug SHINDIG-1883.
https://issues.apache.org/jira/browse/SHINDIG-1883
Diffs
-----
http://svn.apache.org/repos/asf/shindig/trunk/features/pom.xml 1401141
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/core.config.base/config.js 1383189
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/core.config.base/feature.xml 1383189
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/domnode/constants.js PRE-CREATION
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/domnode/feature.xml PRE-CREATION
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/dynamic-size.util/dynamic-size-util.js 1383189
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/dynamic-size.util/feature.xml 1383189
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/features.txt 1395438
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/gadgets.json.ext/feature.xml 1383189
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/gadgets.json.ext/json-xmltojson.js 1383189
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/jsondom/feature.xml 1383189
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/jsondom/jsondom.js 1383189
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/minimessage/feature.xml 1383189
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/minimessage/minimessage.js 1383189
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/opensocial-data/data.js 1383189
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/opensocial-data/feature.xml 1383189
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/views/feature.xml 1383189
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/views/views.js 1383189
http://svn.apache.org/repos/asf/shindig/trunk/features/src/test/javascript/features/alltests.js 1373213
Diff: https://reviews.apache.org/r/8222/diff/
Testing
-------
Thanks,
Marshall Shi
Re: Review Request: dynamic-size feature implemenation is weak and vulnerable
Posted by Dan Dumont <dd...@us.ibm.com>.
> On Jan. 9, 2013, 2:59 p.m., Dan Dumont wrote:
> > Ship It!
Committed r1430900. Please close this review.
- Dan
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/8222/#review15185
-----------------------------------------------------------
On Dec. 27, 2012, 2:32 a.m., Marshall Shi wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/8222/
> -----------------------------------------------------------
>
> (Updated Dec. 27, 2012, 2:32 a.m.)
>
>
> Review request for shindig, Ryan Baxter, Dan Dumont, Stanton Sievers, and Rich Thompson.
>
>
> Description
> -------
>
> - getElementComputedStyle implementation is weak in features/src/main/javascript/features/dynamic-size.util/dynamic-size-util.js.
> The gadgets.window.getDimen is easily run into a null 'size' variable and cause the following code to get its length fail.
> - hardcoded dom node type(from 1 to 12) is scattered in shindig features, propose to extract a domnode feature for constants.
>
>
> This addresses bug SHINDIG-1883.
> https://issues.apache.org/jira/browse/SHINDIG-1883
>
>
> Diffs
> -----
>
> http://svn.apache.org/repos/asf/shindig/trunk/features/pom.xml 1401141
> http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/core.config.base/config.js 1383189
> http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/core.config.base/feature.xml 1383189
> http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/domnode/constants.js PRE-CREATION
> http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/domnode/feature.xml PRE-CREATION
> http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/dynamic-size.util/dynamic-size-util.js 1383189
> http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/dynamic-size.util/feature.xml 1383189
> http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/features.txt 1395438
> http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/gadgets.json.ext/feature.xml 1383189
> http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/gadgets.json.ext/json-xmltojson.js 1383189
> http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/jsondom/feature.xml 1383189
> http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/jsondom/jsondom.js 1383189
> http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/minimessage/feature.xml 1383189
> http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/minimessage/minimessage.js 1383189
> http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/opensocial-data/data.js 1383189
> http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/opensocial-data/feature.xml 1383189
> http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/views/feature.xml 1383189
> http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/views/views.js 1383189
> http://svn.apache.org/repos/asf/shindig/trunk/features/src/test/javascript/features/alltests.js 1373213
>
> Diff: https://reviews.apache.org/r/8222/diff/
>
>
> Testing
> -------
>
>
> Thanks,
>
> Marshall Shi
>
>
Re: Review Request: dynamic-size feature implemenation is weak and vulnerable
Posted by Dan Dumont <dd...@us.ibm.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/8222/#review15185
-----------------------------------------------------------
Ship it!
Ship It!
- Dan Dumont
On Dec. 27, 2012, 2:32 a.m., Marshall Shi wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/8222/
> -----------------------------------------------------------
>
> (Updated Dec. 27, 2012, 2:32 a.m.)
>
>
> Review request for shindig, Ryan Baxter, Dan Dumont, Stanton Sievers, and Rich Thompson.
>
>
> Description
> -------
>
> - getElementComputedStyle implementation is weak in features/src/main/javascript/features/dynamic-size.util/dynamic-size-util.js.
> The gadgets.window.getDimen is easily run into a null 'size' variable and cause the following code to get its length fail.
> - hardcoded dom node type(from 1 to 12) is scattered in shindig features, propose to extract a domnode feature for constants.
>
>
> This addresses bug SHINDIG-1883.
> https://issues.apache.org/jira/browse/SHINDIG-1883
>
>
> Diffs
> -----
>
> http://svn.apache.org/repos/asf/shindig/trunk/features/pom.xml 1401141
> http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/core.config.base/config.js 1383189
> http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/core.config.base/feature.xml 1383189
> http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/domnode/constants.js PRE-CREATION
> http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/domnode/feature.xml PRE-CREATION
> http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/dynamic-size.util/dynamic-size-util.js 1383189
> http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/dynamic-size.util/feature.xml 1383189
> http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/features.txt 1395438
> http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/gadgets.json.ext/feature.xml 1383189
> http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/gadgets.json.ext/json-xmltojson.js 1383189
> http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/jsondom/feature.xml 1383189
> http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/jsondom/jsondom.js 1383189
> http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/minimessage/feature.xml 1383189
> http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/minimessage/minimessage.js 1383189
> http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/opensocial-data/data.js 1383189
> http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/opensocial-data/feature.xml 1383189
> http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/views/feature.xml 1383189
> http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/views/views.js 1383189
> http://svn.apache.org/repos/asf/shindig/trunk/features/src/test/javascript/features/alltests.js 1373213
>
> Diff: https://reviews.apache.org/r/8222/diff/
>
>
> Testing
> -------
>
>
> Thanks,
>
> Marshall Shi
>
>
Re: Review Request: dynamic-size feature implemenation is weak and vulnerable
Posted by Marshall Shi <sh...@cn.ibm.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/8222/
-----------------------------------------------------------
(Updated Dec. 27, 2012, 2:32 a.m.)
Review request for shindig, Ryan Baxter, Dan Dumont, Stanton Sievers, and Rich Thompson.
Description (updated)
-------
- getElementComputedStyle implementation is weak in features/src/main/javascript/features/dynamic-size.util/dynamic-size-util.js.
The gadgets.window.getDimen is easily run into a null 'size' variable and cause the following code to get its length fail.
- hardcoded dom node type(from 1 to 12) is scattered in shindig features, propose to extract a domnode feature for constants.
This addresses bug SHINDIG-1883.
https://issues.apache.org/jira/browse/SHINDIG-1883
Diffs
-----
http://svn.apache.org/repos/asf/shindig/trunk/features/pom.xml 1401141
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/core.config.base/config.js 1383189
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/core.config.base/feature.xml 1383189
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/domnode/constants.js PRE-CREATION
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/domnode/feature.xml PRE-CREATION
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/dynamic-size.util/dynamic-size-util.js 1383189
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/dynamic-size.util/feature.xml 1383189
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/features.txt 1395438
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/gadgets.json.ext/feature.xml 1383189
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/gadgets.json.ext/json-xmltojson.js 1383189
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/jsondom/feature.xml 1383189
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/jsondom/jsondom.js 1383189
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/minimessage/feature.xml 1383189
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/minimessage/minimessage.js 1383189
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/opensocial-data/data.js 1383189
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/opensocial-data/feature.xml 1383189
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/views/feature.xml 1383189
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/views/views.js 1383189
http://svn.apache.org/repos/asf/shindig/trunk/features/src/test/javascript/features/alltests.js 1373213
Diff: https://reviews.apache.org/r/8222/diff/
Testing
-------
Thanks,
Marshall Shi