TeamDev-Archive / OpenFaces

OpenFaces JSF library

OpenFaces resources held in META-INF folder. Blocked by HTTP Webserver Security. #71

Open njdrew opened 9 years ago

njdrew commented 9 years ago

Found using OpenFaces 2.x nightly build. But it appears to be the same on latest.

When installing an IIS Webserver in front of our working web application we found that the OpenFaces components were not displaying or working correctly due to being supplied via the protected META-INF folder in openfaces jar.

Investigating the error, the errors in the browsers are shown as:

http://server/app/openFacesResources/META-INF/resources/openfaces/default-2.1.EA1.2007.css Failed to load resource: the server responded with a status of 404 (Not Found)
http://server/app/openFacesResources/META-INF/resources/openfaces/util/util-2.1.EA1.2007.js Failed to load resource: the server responded with a status of 404 (Not Found)
http://server/app/openFacesResources/META-INF/resources/openfaces/util/ajaxUtil-2.1.EA1.2007.js Failed to load resource: the server responded with a status of 404 (Not Found)
http://server/app/openFacesResources/META-INF/resources/openfaces/table/table-2.1.EA1.2007.js Failed to load resource: the server responded with a status of 404 (Not Found)
http://server/app/openFacesResources/META-INF/resources/openfaces/tableUtil-2.1.EA1.2007.js Failed to load resource: the server responded with a status of 404 (Not Found)
http://server/app/openFacesResources/META-INF/resources/openfaces/util/json2-2.1.EA1.2007.js Failed to load resource: the server responded with a status of 404 (Not Found)
http://server/app/openFacesResources/META-INF/resources/openfaces/table/treeTable-2.1.EA1.2007.js Failed to load resource: the server responded with a status of 404 (Not Found)
page.faces:688 Uncaught ReferenceError: O$ is not defined
page.faces:880 Uncaught ReferenceError: O$ is not defined
page.faces:882 Uncaught ReferenceError: O$ is not defined
page.faces:2073 Uncaught ReferenceError: O$ is not defined
http://server/app/openFacesResources/META-INF/resources/openfaces/table/minus-2.1.EA1.2007.gif Failed to load resource: the server responded with a status of 404 (Not Found)
http://server/app/openFacesResources/META-INF/resources/openfaces/default-2.1.EA1.2007.css Failed to load resource: the server responded with a status of 404 (Not Found)

Investigating the logs on the server, the error message is:

[emerg] HttpFilterProc::jk_isapi_plugin.c (1983): … points to the web-inf or meta-inf directory. Somebody tries to hack into the site!!!

Correctly, files held in web-inf or meta-inf are being blocked. However, that's where OpenFaces is currently loading them from, so they cannot be loaded.

Looking at the source code for the nightly build 2.x, the Resources class has a hard-coded openFacesResources/META-INF/ constant.

Looking in the latest 3.0 source, the resources still appear to be held in the META-INF directory.

org.openfaces.util.Resources class:

public static final String META_INF_RESOURCES_ROOT = "/META-INF/resources/openfaces/";

In order to fix this ourselves, we downloaded the source and removed the META-INF from the above constant. We then moved the resources folder to the root of the jar.

Everything then worked as expected.

But this still looks like an issue with the latest openfaces as the resources still appear to be in the META-INF folder.
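A pre-deployment check for the failure described in this report, added here as an example (it is not part of the original post or of OpenFaces): it collects the resource URLs a rendered page references and lists those whose decoded path contains `/web-inf` or `/meta-inf`. The matching rule is an assumption inferred from the connector log message above; the function names and the sample page are constructed.

```python
from html.parser import HTMLParser
from urllib.parse import unquote, urlsplit

# Assumption: the front-end filter rejects any request whose decoded path
# contains one of these markers, compared case-insensitively.
PROTECTED_MARKERS = ("/web-inf", "/meta-inf")


class ResourceCollector(HTMLParser):
    """Collect URLs a browser would fetch for scripts, styles and images."""

    URL_ATTRS = {"script": "src", "img": "src", "link": "href"}

    def __init__(self):
        super().__init__()
        self.urls = []

    def handle_starttag(self, tag, attrs):
        wanted = self.URL_ATTRS.get(tag)
        for name, value in attrs:
            if name == wanted and value:
                self.urls.append(value)


def is_blocked(url):
    """True if the percent-decoded URL path contains a protected marker."""
    path = unquote(urlsplit(url).path).replace("\\", "/").lower()
    return any(marker in path for marker in PROTECTED_MARKERS)


def blocked_resources(html):
    """Return the resource URLs in html that the filter would reject."""
    collector = ResourceCollector()
    collector.feed(html)
    return [url for url in collector.urls if is_blocked(url)]


# Constructed sample page; the first two URLs are taken from the report above.
SAMPLE_PAGE = """
<link rel="stylesheet" href="http://server/app/openFacesResources/META-INF/resources/openfaces/default-2.1.EA1.2007.css">
<script src="http://server/app/openFacesResources/META-INF/resources/openfaces/util/util-2.1.EA1.2007.js"></script>
<script src="/app/openFacesResources/%4deta-inf/resources/openfaces/x.js"></script>
<img src="/app/images/logo.gif">
"""

if __name__ == "__main__":
    for url in blocked_resources(SAMPLE_PAGE):
        print("would be blocked:", url)
```

Run against the pages of a staging deployment, this shows which component resources will return 404 once a filtering web server sits in front of the application.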

SergeyPentsov commented 9 years ago

I checked our build and I don't have any problems. Please provide your JDK version, Tomcat, Mojarra and browser.

njdrew commented 9 years ago

Hi Sergey,

What URLs are being used for your components for the resources in your build?

jdk1.6.0_19, JBoss 5.1, JSF 1.2
JBoss Web 2.1.3
All browsers