Thanks for the catch, Kevin! Seems very likely. Is it the thing
configured at compile-time?
Regards,
Anton.
On 11/20/2018 12:51 AM, Kevin Rushforth wrote:
I can reproduce it and it seems related to Cross-Site-Scripting (XSS)
protections, which you have enabled in your HTML header with:
<meta http-equiv="Content-Security-Policy" ...>
If I remove the 'http-equiv="Content-Security-Policy"' from the
meta-data then it displays just fine.
Perhaps Arun or Murali could comment on whether this is a bug or not.
It seems just as likely to me that it is a feature that didn't used to
be enabled and now is.
-- Kevin
On 11/19/2018 1:44 PM, Anton Tarasov wrote:
Hi Kevin,
On 11/20/2018 12:21 AM, Kevin Rushforth wrote:
Hi Anton,
We'll take a look and see if we can reproduce it. Am I correct in
understanding that the problem only happens with loadContent, which
works on 8u152 and fails on 8u202-ea? And that load from a file
works fine on both 8u152 and 8u202-ea?
Yes, that's right. I've also checked that it's broken in the latest
jfx12 as well. I'd appreciate your help in resolving this.
Thanks,
Anton.
-- Kevin
On 11/19/2018 12:17 PM, Anton Tarasov wrote:
Hello, JFX team!
We (at JetBrains) faced an issue with WebView after we've moved to
an JFX update in JDK8u202. The issue is that WebView stopped
loading images referenced by an absolute URL under some circumstances.
Below is a real html content, produced by IDEA markdown viewer. It
has lots of style pre-loads and a sample image that it should
eventually display. The html is loaded view
WebEngine.loadContent(..) but a placeholder text is only displayed
- that's the problem that can be reproduce with JDK8u202. However
it worked with JDK8u152.
The style references will obviously fail for you, but if you put
this html into a file and will load it via
WebEngine.load(file:///path/to/file), the image will be shown with
no problem (in 8u202 as well).
<html><head><meta http-equiv="Content-Security-Policy"
content="default-src 'none'; script-src
http://localhost:63344/api/markdown-preview/scripts/processLinks.js?_ijt=ujioejund46k8cmdcsuggbpnf3
http://localhost:63344/api/markdown-preview/scripts/scrollToElement.js?_ijt=ujioejund46k8cmdcsuggbpnf3;
style-src https:
http://localhost:63344/api/markdown-preview/styles/default.css?_ijt=ujioejund46k8cmdcsuggbpnf3
http://localhost:63344/api/markdown-preview/styles/darcula.css?_ijt=ujioejund46k8cmdcsuggbpnf3
http://localhost:63344/api/markdown-preview/styles/inline.css?_ijt=ujioejund46k8cmdcsuggbpnf3;
img-src *; connect-src 'none'; font-src *; object-src 'none';
media-src 'none'; child-src 'none';"/><link rel="stylesheet"
href="http://localhost:63344/api/markdown-preview/styles/default.css?_ijt=ujioejund46k8cmdcsuggbpnf3"
/>
<script
src="http://localhost:63344/api/markdown-preview/scripts/processLinks.js?_ijt=ujioejund46k8cmdcsuggbpnf3"></script>
<script
src="http://localhost:63344/api/markdown-preview/scripts/scrollToElement.js?_ijt=ujioejund46k8cmdcsuggbpnf3"></script></head><body
md-src-pos="0..89"><p md-src-pos="0..88"><img
src="file:///C:/Users/tav/IdeaProjects/DummyProject/src/kitten.jpg"
alt="Kitten" title="A cute kitten" md-src-pos="0..88"
/></p></body></html>
Then, if you remove all the style loading and leave only the image,
the image will be shown in either way: load(url) or loadContent (in
8u202)
<html><head></head><body md-src-pos="0..89"><p
md-src-pos="0..88"><img
src="file:///C:/Users/tav/IdeaProjects/DummyProject/src/kitten.jpg"
alt="Kitten" title="A cute kitten" md-src-pos="0..88"
/></p></body></html>
Sorry for not submitting the code, I hope you will easily put it
into a real demo (I played with JFX's WebViewApp).
So, could you please advice on what went wrong with it?
With regards,
Anton.