Open pstevens71 opened 5 months ago
Hi @pstevens71,
thanks for contributing to our project,
I'm afraid I can't replicate the expected behavior, would you please check my steps:
1) I've got my entry point registered:
2) This is an expected result with commented-out lines mentioned in the issue:
3) This is the applied fix:
The changes are present in the code base:
Homepage after running the utility 'Repair & Rebuilt':
I would appreciate your feedback on my replication steps.
Thanks a lot in advance!
Regards, Serhii
Did you re-add the dashlet after the change?
Thanks for asking - yes, I did.
Hmm, did you flush all the JS stuff out in Repair? I've implemented this on at least 3 installations without problem.
Also does the base URL in your config match the URL of the internal link?
Thank you for the quick reply, yes - all is fine (JS & URL).
I tend to think that the issue is with the pattern given. After some changes, I have a proper result:
Have a closer look, please:
I have never entered the control structure as preg_match gives false:
Would it be possible to make additional changes?
Thanks in advance.
Regards, Serhii
Ok, thanks! How do I make changes? Do I do another PR?
Paul, if you simply edit the files in our own fork, in the same branch you're using for this PR, they will show up here.
Thanks @pgorod for the tip! I think I got it.
Hello @pstevens71,
thanks for the changes you've made!
Regards, Serhii
Description
Created a new function getCustomEntrypoints() to find all the custom entry points, then modified the function isSelfRequest($endpoint) to check the list of custom entry points in which case it will return false and allow the entry point.
https://github.com/salesagility/SuiteCRM/issues/10150
Motivation and Context
This allows internal entrypoints to be allowed to be embedded in a dashlet. One would presume that internal entry points created by a developer should be allowed to be embeded.
How To Test This
Apply the patch and then create a custom entry point. Like echo "hello world"; and then try and embed that URL in Dashlet as iframe. It should be allowed with these modificaitons.
Types of changes
Final checklist