Closed GoogleCodeExporter closed 8 years ago
Fixed over the following changes:
1605, 1606, 1607, 1630, 1632, 1634, 1636, 1642, 1643
Summary:
Added code to obfuscate sensitive data being sent during update operations and
added
code to support parsing form snippet as XHTML using local DTD files.
Notes to Users:
Most Connectors release prior to this patch have been returning HTML and will
not
work with the version of the Connector Manager that includes this patch.
Connector
developers are updating the ConnectorType implementations to conform to this
XHTML
requirement and will be made available with the Connector Framework release
containing this update.
Notes to Developers:
The formSnippet returned from the ConnectorType methods MUST BE WELL FORMED
XHTML. In the past, the formSnippet could be HTML/SGML and didn't have to be
parsed by the Connector Manager. With the addition of filter for sensitive data
within the formSnippet, the formSnippet is now passed through an XML parser
checking for well formed XHTML. Malformed XHTML will not be passed back to the
caller. This means a Connector can never be updated if the
ConnectorType.getPopulatedConfigForm() implementation is returning a malformed
XHTML formSnippet in the ConfigureResponse. An XML parsing error is returned
instead.
If the formSnippet contains script the script code must be contained within a
CDATA block as shown below:
<script language="JavaScript" type="text/javascript">
<![CDATA[
function checkSelect() {
var opt = document.getElementById('Version');
if (opt == 'version1') {
alert('Version1 Selected');
} else {
alert('Version1 Not Selected');
}
}
]]>
</script>
<tr>
<td colspan="1" rowspan="1"><div style="float: left;">Select
Version</div></td>
<td colspan="1" rowspan="1"><select id="SPType" name="Version"
onchange="checkSelect();" size="1">
<option selected="" value="version1">Version 1</option>
<option value="version2">Version 2</option></select>
</td>
</tr>
TESTS PASSED:
- All Unit Tests
- Tested with GSA. Created connector and passed several types of formSnippets.
Observed tcp traffic and confirmed sensitive data obfuscated and formSnippets
were kept intact.
Original comment by mgron...@gmail.com
on 4 Apr 2009 at 3:25
Original comment by mgron...@gmail.com
on 4 Apr 2009 at 3:34
Original issue reported on code.google.com by
mgron...@gmail.com
on 4 Apr 2009 at 3:14