foxreplace icon indicating copy to clipboard operation
foxreplace copied to clipboard
verified publisher icon Woundorf

HTML substitutions make iframes become empty

Open GoogleCodeExporter opened this issue 10 years ago • 2 comments 

Hi,

I'm trying to use foxreplace with the Confluence wiki software to replace text 
in input boxes. Currently, using the 'replace with substitution list' option, 
eve when there is no text in the box applicable for a substitution, causes the 
box to become empty and unusable. Here is the html (from firebug) for the text 
entry div after I apply foxreplace (sorry for the formatting):

<div id="wysiwyg" style="width: 100%; height: 100%;"><div id="rte" class="cell 
editor-fullheight"><textarea id="wysiwygTextarea" class="hidden tinymce-editor" 
name="wysiwygContent" style="display: none;" 
aria-hidden="true"></textarea><iframe id="wysiwygTextarea_ifr" frameborder="0" 
src="javascript:""" allowtransparency="true" title="{#aria.rich_text_area}" 
style="width: 100%; height: 100%; display: block;" 
tabindex="100"></iframe></div></div><div id="wysiwyg" style="width: 100%; 
height: 100%;"> <div id="rte" class="cell editor-fullheight"> <textarea 
id="wysiwygTextarea" class="hidden tinymce-editor" name="wysiwygContent" 
style="display: none;" aria-hidden="true"></textarea> <iframe 
id="wysiwygTextarea_ifr" frameborder="0" src="javascript:""" 
allowtransparency="true" title="{#aria.rich_text_area}" style="width: 100%; 
height: 100%; display: block;" tabindex="100"> </iframe> </div> </div>

It looks as if the contents of the id="wysiwygTextarea_ifr" iframe are being 
lost when foxreplace does its work. I guess this could be some xss mitigation 
or similar thwarting me here. Any thoughts much appreciated. FFox 30.0 and 
foxreplace 0.16.1.

This is what the "wysiwyg" editor div looked like before running foxreplace 
(right at the bottom, you can see the text I entered - 'foo!'):

<div id="wysiwyg" style="width: 100%; height: 100%;">
<div id="rte" class="cell editor-fullheight">
<textarea id="wysiwygTextarea" class="hidden tinymce-editor" 
name="wysiwygContent" style="display: none;" aria-hidden="true"></textarea>
<iframe id="wysiwygTextarea_ifr" frameborder="0" src="javascript:""" 
allowtransparency="true" title="{#aria.rich_text_area}" style="width: 100%; 
height: 100%; display: block;" tabindex="100">
<!DOCTYPE html>
<html>
<head xmlns="http://www.w3.org/1999/xhtml">
<base href="https://www.wiki.ed.ac.uk">
<meta content="IE=7" http-equiv="X-UA-Compatible">
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
<link media="all" 
href="/s/en_GB-1988229788/4252/6ac85e9b14675c5514a674e1aecae99c9505ed36.7/1.0/_/
download/batch/confluence.web.resources:panel-styles/confluence.web.resources:pa
nel-styles.css" rel="stylesheet" type="text/css">
<link media="all" 
href="/s/en_GB-1988229788/4252/6ac85e9b14675c5514a674e1aecae99c9505ed36.7/1.0/_/
download/batch/confluence.web.resources:content-styles/confluence.web.resources:
content-styles.css" rel="stylesheet" type="text/css">
<link media="all" 
href="/s/en_GB-1988229788/4252/6ac85e9b14675c5514a674e1aecae99c9505ed36.7/1.0/_/
download/batch/confluence.web.resources:panel-styles/confluence.web.resources:pa
nel-styles.css" rel="stylesheet" type="text/css">
<link media="all" 
href="/s/en_GB-1988229788/4252/6ac85e9b14675c5514a674e1aecae99c9505ed36.7/5.0/_/
download/batch/com.atlassian.auiplugin:aui-experimental-page-layout-typography/c
om.atlassian.auiplugin:aui-experimental-page-layout-typography.css" 
rel="stylesheet" type="text/css">
<link media="all" 
href="/s/en_GB-1988229788/4252/6ac85e9b14675c5514a674e1aecae99c9505ed36.7/5.0/_/
download/batch/com.atlassian.auiplugin:aui-experimental-avatars/com.atlassian.au
iplugin:aui-experimental-avatars.css" rel="stylesheet" type="text/css">
<link media="all" 
href="/s/en_GB-1988229788/4252/6ac85e9b14675c5514a674e1aecae99c9505ed36.7/5.0/_/
download/batch/com.atlassian.auiplugin:aui-experimental-page-layout/com.atlassia
n.auiplugin:aui-experimental-page-layout.css" rel="stylesheet" type="text/css">
<link media="all" 
href="/s/en_GB-1988229788/4252/6ac85e9b14675c5514a674e1aecae99c9505ed36.7/5.1.5/
_/download/batch/com.atlassian.confluence.editor:editor-content-styles/com.atlas
sian.confluence.editor:editor-content-styles.css" rel="stylesheet" 
type="text/css">
<link media="all" 
href="/s/en_GB-1988229788/4252/6ac85e9b14675c5514a674e1aecae99c9505ed36.7/5.0/_/
download/batch/com.atlassian.auiplugin:aui-experimental-lozenge/com.atlassian.au
iplugin:aui-experimental-lozenge.css" rel="stylesheet" type="text/css">
<link media="all" 
href="/s/en_GB-1988229788/4252/6ac85e9b14675c5514a674e1aecae99c9505ed36.7/2.12/_
/download/batch/com.atlassian.confluence.plugins.status-macro:view_content_statu
s/com.atlassian.confluence.plugins.status-macro:view_content_status.css" 
rel="stylesheet" type="text/css">
<link media="all" 
href="/s/en_GB-1988229788/4252/6ac85e9b14675c5514a674e1aecae99c9505ed36.7/2.12/_
/download/batch/com.atlassian.confluence.plugins.status-macro:editor_content_sta
tus/com.atlassian.confluence.plugins.status-macro:editor_content_status.css" 
rel="stylesheet" type="text/css">
<link media="all" 
href="/s/en_GB-1988229788/4252/6ac85e9b14675c5514a674e1aecae99c9505ed36.7/5.1.5/
_/download/batch/com.atlassian.confluence.plugins.confluence-templates:variable-
editor-content-styles/com.atlassian.confluence.plugins.confluence-templates:vari
able-editor-content-styles.css" rel="stylesheet" type="text/css">
<link media="all" 
href="/s/en_GB-1988229788/4252/6ac85e9b14675c5514a674e1aecae99c9505ed36.7/3.6.5/
_/download/batch/confluence.extra.attachments:attachments-css/confluence.extra.a
ttachments:attachments-css.css" rel="stylesheet" type="text/css">
<link media="all" 
href="/s/en_GB-1988229788/4252/6ac85e9b14675c5514a674e1aecae99c9505ed36.7/5.1.5/
_/download/batch/com.atlassian.confluence.plugins.confluence-inline-tasks:inline
-tasks-styles/com.atlassian.confluence.plugins.confluence-inline-tasks:inline-ta
sks-styles.css" rel="stylesheet" type="text/css">
<link media="all" 
href="/s/en_GB-1988229788/4252/6ac85e9b14675c5514a674e1aecae99c9505ed36.7/2.6.0/
_/download/batch/nl.avisi.confluence.plugins.numberedheadings:nh-tinymce-css-res
ources/nl.avisi.confluence.plugins.numberedheadings:nh-tinymce-css-resources.css
" rel="stylesheet" type="text/css">
<link media="all" 
href="/s/en_GB-1988229788/4252/6ac85e9b14675c5514a674e1aecae99c9505ed36.7/19/_/s
tyles/colors.css?spaceKey=ECAITTeam" rel="stylesheet" type="text/css">
<link media="all" 
href="/s/en_GB-1988229788/4252/6ac85e9b14675c5514a674e1aecae99c9505ed36.7/5.1.5/
_/download/resources/com.atlassian.confluence.plugins.doctheme:documentation/def
ault-theme.css" rel="stylesheet" type="text/css">
<link media="all" 
href="/s/en_GB-1988229788/4252/6ac85e9b14675c5514a674e1aecae99c9505ed36.7/5.1.5/
_/download/resources/com.atlassian.confluence.plugins.doctheme:documentation/doc
-theme.css" rel="stylesheet" type="text/css">
<link media="all" 
href="/s/en_GB-1988229788/4252/6ac85e9b14675c5514a674e1aecae99c9505ed36.7/5.1.5/
_/download/resources/com.atlassian.confluence.plugins.doctheme:documentation/spl
itter.css" rel="stylesheet" type="text/css">
<style type="text/css">
</head>
<body id="tinymce" class="mceContentBody aui-theme-default wiki-content 
fullsize" contenteditable="true" 
onload="window.parent.tinyMCE.get('wysiwygTextarea').onLoad.dispatch();" 
dir="ltr">
<p>
foo!
<br data-mce-bogus="1">
</p>
</body>
</html>
</iframe>
</div>
</div>

Original issue reported on code.google.com by [email protected] on 12 Jul 2014 at 5:42

GoogleCodeExporter avatar Aug 21 '15 18:08 GoogleCodeExporter 

Hi, thanks for the report. I have reproduced the issue in 
https://demo.stiltsoft.com/pages/editpage.action?pageId=589838 with a random 
HTML substitution. It's also reproducible in 
http://www.w3schools.com/tags/tryit.asp?filename=tryhtml_iframe. It seams that 
iframes are not well supported when using HTML substitutions, so I'll change to 
summary to reflect this.

It may be related to issue 81.

Original comment by [email protected] on 12 Jul 2014 at 2:02

  • Changed title: HTML substitutions make iframes become empty
  • Changed state: Accepted
  • Added labels: Component-Logic, OpSys-All

GoogleCodeExporter avatar Aug 21 '15 18:08 GoogleCodeExporter

I have reproduced the issue in https://demo.stiltsoft.com/pages/editpage.action?pageId=589838 with a random HTML substitution. It's also reproducible in http://www.w3schools.com/tags/tryit.asp?filename=tryhtml_iframe. It seams that iframes are not well supported when using HTML substitutions, so I'll change to summary to reflect this.

Now it works correctly in the W3Schools example, but continues breaking the Confluence example if using HTML in the input and the output.

Woundorf avatar Sep 17 '18 15:09 Woundorf