search

amohanta / google-caja

Automatically exported from code.google.com/p/google-caja
0 stars 0 forks source link

Testbed doesn't work using file: URL on Firefox2 on Mac #660

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
Run
$ ant testbed
to build the testbed

Start Firefox and browse to
file:///path/to/svn-root/google-caja/ant-www/testbed/index.html

The testbed should load fine, but try cajoling anything and the cajoler
will fail with an exception
  java.lang.RuntimeException: java.io.FileNotFoundException:
resource:///com/google/caja/lang/css/css21.json

This exception originates in ConfigUtil.openConfigResource.

That resource is on the classpath.

Original issue reported on code.google.com by mikesamuel@gmail.com on 26 Jul 2008 at 2:33

GoogleCodeExporter commented 9 years ago 
The problem seems to be due to the SecurityManager which denies access to the 
file
system.  Normally there is an exception for resources loaded via
ClassLoader.getResourceAsStream and classes loaded via the same mechanism.  
Firefox
2.0.0.9 on Mac distinguishes between resources and classes.

This occurs only when the jars are loaded via the file: URL because otherwise 
the
SecurityManagers file system checks are not tripped.

Some sites report that putting the jars on the CLASSPATH environment variable 
will
allow this for older browsers.  This does not seem to help.

Original comment by mikesamuel@gmail.com on 26 Jul 2008 at 2:44

GoogleCodeExporter commented 9 years ago 
Possible solutions:
(1) Dynamic class loading still works, so we can stuff the resources we need in
classes possibly as part of the testbed ant target.
(2) We can have javascript fetch the JSON files via XMLHttpRequest and feed 
them to
the applet.  That would let us make the CSS & HTML schemas configurable in the 
testbed.
(3) Write a script that invokes Jetty or some other lightweight HTTP server so 
that
we don't need to use file: to run a locally built testbed.

Original comment by mikesamuel@gmail.com on 26 Jul 2008 at 2:56

GoogleCodeExporter commented 9 years ago 
BuildInfo does not fail since it loads the version info via 
java.util.ResourceBundle
which is privileged, so we could do
(4) convert the CSS and HTML schemas to resource bundles either in the 
repository or
at `ant testbed` time

Original comment by mikesamuel@gmail.com on 26 Jul 2008 at 3:11

GoogleCodeExporter commented 9 years ago 
The Firefox security.fileuri.strict_origin_policy and the deprecated
security.fileuri.origin_policy configuration properties affect how Firefox 
deals with
local files.

From http://kb.mozillazine.org/Security.fileuri.strict_origin_policy

Background

When local HTML files (e.g., those located on your hard drive) are loaded into 
the
browser, the scripts and links within have restrictions on what they can see 
and do.
Those restrictions are determined by the same-origin policy for local files, 
which
this preference controls.

This preference obsoletes security.fileuri.origin_policy.

Original comment by mikesamuel@gmail.com on 28 Oct 2008 at 10:32

GoogleCodeExporter commented 9 years ago 
Applet has been deprecated

Original comment by jas...@gmail.com on 27 May 2010 at 10:26