* switches to grantGeneric and grantFunc rather than grantCall to whitelist functions in valija mode
* turns on valija mode for gadgets (gadgets were being cajoled in cajita!)
* updates the api to handle module header and related changes to the cajoler
* corrects errors in css parser tests
* changes the test for failCajaTest - this test checks that uncajoleable code causes a message to be added to the message queue. Previously this was done by cajoling a script with a variable containing a triple underscore suffix - a new rule in shindig itself bans double underscore suffixes in variables and that preempts this one.
* bumps the version in the pom
This has cruft in it and is missing some tests so is not quite ready ...
16 years, 6 months ago
(2009-03-11 04:07:40 UTC)
#1
This has cruft in it and is missing some tests so is not quite ready quite
review but since this patch unblocks people testing gadgets, I'm sharing it now
while I clean it up.
Not sure how we should resolve the question of how best to wrap functions. My ...
16 years, 6 months ago
(2009-03-11 13:21:05 UTC)
#2
Not sure how we should resolve the question of how best to wrap functions.
My feeling is that using applyHandler is potentially both confusing and
dangerous...
confusing: the property appears to have one function associated, but actually is
running a completely different one.
dangerous: the original function can still be called by anything in the TCB. If
this is to be allowed it should probably only be done on a case-by-case basis,
not by default.
I rather liked your suggestion of inheritance, on the other hand.
http://codereview.appspot.com/26046/diff/1/13
File features/src/main/javascript/features/opensocial-reference/container.js
(right):
http://codereview.appspot.com/26046/diff/1/13#newcode544
Line 544: // TODO(doll): As caja evolves this method should get a lot smaller
Is it time to remove this TODO, since it actually appears to be getting bigger?
:-)
http://codereview.appspot.com/26046/diff/1/13#newcode1090
Line 1090: case 'm': // per prototype
Nice to have comments, but "per prototype" doesn't mean much to me.
http://codereview.appspot.com/26046/diff/1/13#newcode1100
Line 1100: ___.useApplyHandler(obj, name, schema[k](obj[name]));
I'm still not convinced that useApplyHandler is the best way to attenuate
functions.
http://codereview.appspot.com/26046/diff/1/5
File
java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/CajaContentRewriter.java
(right):
http://codereview.appspot.com/26046/diff/1/5#newcode102
Line 102: rw.setValijaMode(true);
Curious why it is not in Valija mode by default, since that would be the most
back compatible choice.
http://codereview.appspot.com/26046/diff/1/5#newcode133
Line 133: //mc.inputSources = originalSrc.keySet();
Remove comment?
http://codereview.appspot.com/26046/diff/1/4
File
java/gadgets/src/test/java/org/apache/shindig/gadgets/parse/caja/CajaCssParserTest.java
(right):
http://codereview.appspot.com/26046/diff/1/4#newcode50
Line 50: * but accepted by commonly used browsers
So am I understanding that these now parse?
If so, someone with a better understanding of CSS should check that we expect
them to!
http://codereview.appspot.com/26046/diff/1/3
File
java/gadgets/src/test/java/org/apache/shindig/gadgets/render/SanitizedRenderingContentRewriterTest.java
(right):
http://codereview.appspot.com/26046/diff/1/3#newcode153
Line 153: String sanitized = "<style>@import
url('http://www.test.com/basewww.example.org%2Fwww.evil.com%2Fx.js\\26gadget%3dwww.example.org%2Fgadget.xml\\26
fp%3d45508\\26sanitize%3d1\\26rewriteMime%3dtext/css');</style>";
Shorten line.
http://codereview.appspot.com/26046/diff/1/3#newcode155
Line 155: assertEquals(sanitized, rewritten);
I have absolutely no idea what's going on here. More comments!
http://codereview.appspot.com/26046/diff/1/3#newcode204
Line 204: // The sanitized url does *not* remove the initial colon since this
does not work in IE
Likewise, more comments.
http://codereview.appspot.com/26046/diff/1/3#newcode205
Line 205: String sanitized = "@import
url('http://www.test.com/basehttp%3A%2F%2Fwww.evil.com%2Fmore.css\\26
fp%3d45508\\26sanitize%3d1\\26rewriteMime%3dtext/css');\n"
Shorten line.
http://codereview.appspot.com/26046/diff/1/12
File javascript/samplecontainer/examples/SocialHelloWorld.xml (right):
http://codereview.appspot.com/26046/diff/1/12#newcode105
Line 105: msg.createDismissibleMessage("Go Away!");
You've left one of my feature tests in. I have other gadgets now to test these
features.
Suggestions for automatic testing of features welcome!
http://codereview.appspot.com/26046/diff/1/9
File site/eclipse/shindig-eclipse-codestyle_2.xml (right):
http://codereview.appspot.com/26046/diff/1/9#newcode1
Line 1: <?xml version="1.0" encoding="UTF-8"?>
Not clear why this file is included? No diff shown...
http://codereview.appspot.com/26046/diff/1/10
File site/eclipse/shindig-eclipse-codetemplate.xml (right):
http://codereview.appspot.com/26046/diff/1/10#newcode1
Line 1: <?xml version="1.0" encoding="UTF-8"?><templates><template
autoinsert="true" context="gettercomment_context" deleted="false"
description="Comment for getter method" enabled="true"
id="org.eclipse.jdt.ui.text.codetemplates.gettercomment"
name="gettercomment">/**
Likewise, no diff shown.
Snapshot http://codereview.appspot.com/26046/diff/1/13 File features/src/main/javascript/features/opensocial-reference/container.js (right): http://codereview.appspot.com/26046/diff/1/13#newcode544 Line 544: // TODO(doll): As caja evolves this method ...
16 years, 6 months ago
(2009-03-11 17:23:13 UTC)
#3
Snapshot
http://codereview.appspot.com/26046/diff/1/13
File features/src/main/javascript/features/opensocial-reference/container.js
(right):
http://codereview.appspot.com/26046/diff/1/13#newcode544
Line 544: // TODO(doll): As caja evolves this method should get a lot smaller
On 2009/03/11 13:21:05, ben wrote:
> Is it time to remove this TODO, since it actually appears to be getting
bigger?
> :-)
:) Removed in a separate CL that does reduce the size of this section.
http://codereview.appspot.com/26046/diff/1/13#newcode1100
Line 1100: ___.useApplyHandler(obj, name, schema[k](obj[name]));
On 2009/03/11 13:21:05, ben wrote:
> I'm still not convinced that useApplyHandler is the best way to attenuate
> functions.
Not needed for the upgrade so I've just removed it from this CL. If
re-introduced the patch should use handleGeneric not useApplyHandler.
http://codereview.appspot.com/26046/diff/1/3
File
java/gadgets/src/test/java/org/apache/shindig/gadgets/render/SanitizedRenderingContentRewriterTest.java
(right):
http://codereview.appspot.com/26046/diff/1/3#newcode153
Line 153: String sanitized = "<style>@import
url('http://www.test.com/basewww.example.org%2Fwww.evil.com%2Fx.js\\26gadget%3dwww.example.org%2Fgadget.xml\\26
fp%3d45508\\26sanitize%3d1\\26rewriteMime%3dtext/css');</style>";
On 2009/03/11 13:21:05, ben wrote:
> Shorten line.
Reformatted line.
http://codereview.appspot.com/26046/diff/1/3#newcode155
Line 155: assertEquals(sanitized, rewritten);
On 2009/03/11 13:21:05, ben wrote:
> I have absolutely no idea what's going on here. More comments!
Done.
http://codereview.appspot.com/26046/diff/1/12
File javascript/samplecontainer/examples/SocialHelloWorld.xml (right):
http://codereview.appspot.com/26046/diff/1/12#newcode105
Line 105: msg.createDismissibleMessage("Go Away!");
On 2009/03/11 13:21:05, ben wrote:
> You've left one of my feature tests in. I have other gadgets now to test these
> features.
>
> Suggestions for automatic testing of features welcome!
Done.
http://codereview.appspot.com/26046/diff/1/5 File java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/CajaContentRewriter.java (right): http://codereview.appspot.com/26046/diff/1/5#newcode102 Line 102: rw.setValijaMode(true); I am not averse to change the ...
16 years, 6 months ago
(2009-03-11 18:46:16 UTC)
#5
Looks good. One comment on tests http://codereview.appspot.com/26046/diff/3002/3005 File java/gadgets/src/test/java/org/apache/shindig/gadgets/parse/caja/CajaCssParserTest.java (right): http://codereview.appspot.com/26046/diff/3002/3005#newcode52 Line 52: public void ...
16 years, 6 months ago
(2009-03-12 21:17:28 UTC)
#7
http://codereview.appspot.com/26046/diff/4006/5014 File features/src/main/javascript/features/opensocial-reference/container.js (right): http://codereview.appspot.com/26046/diff/4006/5014#newcode543 Line 543: return callback && function tamedCallback(args) { return $v.cf(callback, ...
16 years, 6 months ago
(2009-03-15 12:23:42 UTC)
#9
http://codereview.appspot.com/26046/diff/4006/5014
File features/src/main/javascript/features/opensocial-reference/container.js
(right):
http://codereview.appspot.com/26046/diff/4006/5014#newcode543
Line 543: return callback && function tamedCallback(args) { return
$v.cf(callback, [ args ]); };
As I suggested on IM, the correct version of this looks like:
function tameCallback($v, callback) {
return callback && function tamedCallback() {
return $v.cf(callback, Array.slice(arguments, 0));
};
};
I think!
Snapshot * resolves problem with relative and absolute urls * adds basic tests for caja ...
16 years, 6 months ago
(2009-03-22 00:35:27 UTC)
#10
Snapshot
* resolves problem with relative and absolute urls
* adds basic tests for caja css parser
http://codereview.appspot.com/26046/diff/4006/5014
File features/src/main/javascript/features/opensocial-reference/container.js
(right):
http://codereview.appspot.com/26046/diff/4006/5014#newcode543
Line 543: return callback && function tamedCallback(args) { return
$v.cf(callback, [ args ]); };
On 2009/03/15 12:23:43, ben wrote:
> As I suggested on IM, the correct version of this looks like:
>
> function tameCallback($v, callback) {
> return callback && function tamedCallback() {
> return $v.cf(callback, Array.slice(arguments, 0));
> };
> };
>
> I think!
>
Done.
Issue 26046: Upgrade shindig to the latest caja
(Closed)
Created 16 years, 6 months ago by Jasvir
Modified 16 years, 1 month ago
Reviewers: Ben Laurie (Google), shindig.remailer_gmail.com, louiscryan
Base URL: http://svn.apache.org/repos/asf/incubator/shindig/trunk/
Comments: 26
