Hi,
When we build the product DSS [1] with the latest Kernel Release (4.4.6),
we have observed following issues in "Try it" page. Appreciate any clue on
this to get them resolved.
*1) *In Https mode, Try it requests gives following error on send [2][3].
WARN {org.owasp.csrfguard.log.JavaLogger} - potential cross-site request
forgery (CSRF) attack thwarted (user:<anonymous>, ip:10.100.7.118,
method:POST, uri:/carbon/admin/jsp/WSRequestXSSproxy_ajaxprocessor.jsp,
error:required token is missing from the request)
Private proxy protocol will be attempted as cross-domain browser
restrictions might be enforced for this endpoint.
<TryitClient xmlns="http://tryit.carbon.wso2.org";>
<Reason>Error connecting to the Tryit ajax proxy</Reason>
</TryitClient>
*2)* Try it page does not load properly in Chrome. It loads correctly in
Firefox. It gives the following error on chrome [4].
Refused to execute script from '
https://localhost:9443/services/echo?wsdl2form&resource=editarea/edit_area_full.js'
<https://www.google.com/url?q=https%3A%2F%2Flocalhost%3A9443%2Fservices%2Fecho%3Fwsdl2form%26resource%3Deditarea%2Fedit_area_full.js%27&sa=D&sntz=1&usg=AFQjCNGL0XVRd6yRXPkx_0JirC6kv1p-4A>
because its MIME type ('text/html') is not executable, and strict MIME type
checking is enabled.
Uncaught ReferenceError: editAreaLoader is not defined.
[1] https://github.com/wso2/product-dss/
[2] https://drive.google.com/open?id=0B16LG8jdYeP8ZEpyV1F5cmRsTDA
[3] https://drive.google.com/open?id=0B16LG8jdYeP8LWF2elVTbzFQOWs
[4] https://drive.google.com/open?id=0B16LG8jdYeP8VmtlWXEtdmRJUjQ
Regards,
--
Anupama Pathirage
Associate Technical Lead
WSO2, Inc. http://wso2.com/
Email: anup...@wso2.com
Mobile:+94 71 8273 979
_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
