-
-
Notifications
You must be signed in to change notification settings - Fork 143
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Bug]: popup - iframe stop working on LWC 3.8 #4863
Comments
|
hi @Antoviscomi i'm talking about html, <iframe> tag |
@josemvm that's now sanified as well as all html tags to any dynamic container to avoid xss attacs, so all the readdresing on dynamic contents shall be unavailable. |
@Antoviscomi yes i really understand the security issues but there should also be the possibility of creating exceptions for what is truly secure, i think |
@josemvm I totally agree with you! |
@josemvm right but doesn't works without a parent layer, that is, if the layer that allows the iframe to be displayed does not have a parent or a relation setted I suppose. Furthermore the content you need to serve is a static file (.pdf) not a dynamic object, so the sanitization problem in case of dynamic content (in example html document with bookmarks) remains unsolved |
yes, but it's very strange... |
What is the bug? (in English)
LWC 3.7.11
popup shows iframe in second table
LWC 3.8.3-pre
popup doesn´t show iframe in second table
LWC 3.7.11 and LWV 3.8.3-pre
data - everything works fine
Steps to reproduce the issue
try beteween these versions
Versions, safeguards, check summary etc
Versions :
List of Lizmap Web Client modules :
* multiauth : 1.2.2
List of safeguards :
* Mode : normal * Allow parent folder : no * Prevent other drive : no * Prevent PG service : no * Prevent PG Auth DB : no * Force PG user&pass : no * Prevent ECW : no
Check Lizmap plugin
Operating system
Ubuntu 22.04
Browsers
Firefox
Browsers version
131.0.2
Relevant log output
No response
The text was updated successfully, but these errors were encountered: