FCKeditor JavaScript API 抛出“安全错误";代码:“1000"当我尝试 SetHTML() [英] FCKeditor JavaScript API throws "Security error" code: "1000" when I attempt SetHTML()

查看:54
本文介绍了FCKeditor JavaScript API 抛出“安全错误";代码:“1000"当我尝试 SetHTML()的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

打开一个只有一个 FCKeditor 窗口的网页后,我得到了实例:

i = FCKeditorAPI.GetInstance( "txtText" )

这有效.我也被允许:

i.GetHTML() #=><div class=".... 等,正确输出

但是当尝试

i.SetHTML( "

Quux

" )

我明白了:

[异常...安全错误"代码:1000"nsresult:0x805303e8(NS_ERROR_DOM_...等]

我有一种不确定的感觉,过去我可以使用 SetHTML() 更改 FCKeditor 窗口内容,但我不完全确定.怎么办?

响应评论,我的 HTML 是

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="cs" lang="cs"><头><meta http-equiv="Content-Type" content="text/html; charset=windows-1250"/><meta http-equiv="Content-language" content="cs"/><meta http-equiv="expires" content="-1"/><meta http-equiv="pragma" content="no-cache"/><meta http-equiv="cache-control" content="private"/><title>Foo |酒吧 |网络制作者 |FOO.CZ</title><style type="text/css" media="screen">/*<![CDATA[*/@import url(http://webmaker.ooo.cz/_design/style.css);/*]]>*/<script type="text/javascript" src="http://webmaker.ooo.cz/common.js"></script><身体><div id="标题"><span><a href="http://webmaker.ooo.cz/logout.aspx">注销</strong></span>

<div id="main"><div id="内容"><div id="tabmenu"></div><!--/tabmenu --><dif id="tabcontent"><form name="_ctl2" method="post" action="detail.aspx?article=14599" id="_ctl2"><input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value=""/><input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value=""/><input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTE2MTEzz0iZG9.....reallllly..looong...strin......6qKb5or30J5DCLKTCaFR/xc8TPHb9A="/><script type="text/javascript"><!--var theForm = document.forms['_ctl2'];如果 (!theForm) {theForm = document._ctl2;}函数 __doPostBack(eventTarget, eventArgument) {if (!theForm.onsubmit || (theForm.onsubmit() != false)) {theForm.__EVENTTARGET.value = eventTarget;theForm.__EVENTARGUMENT.value = eventArgument;theForm.submit();}}//--><input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWEQ...vsyXR4="/><div class="数据"><字段集><legend>Text článku</legend><div><input type="hidden" id="txtText" name="txtText" value="FCK 编辑器窗口内容在这里."/><input type="hidden" id="txtText___Config" value="HtmlEncodeOutput=true"/><iframe id="txtText___Frame" src="http://webmaker.ooo.cz/_wysiwyg/editor/fckeditor.html?InstanceName=txtText&amp;Toolbar=WebMaker" width="100%" height="400px" frameborder="no" scrolling="no"></iframe></div><input type="button" onclick="GetWordsCount('txtText___Frame')" value="Zobrazit počet slov v článku"/></fieldset><!-- 这里还有一些字段集和一个提交按钮.--></div><!-- .data --></表单></div><!-- tabcontent --></div><!--/main --></html>

解决方案

FCKeditor 的 SetHTML 方法依赖于 document.write 调用来替换编辑控件中的内容.不幸的是,document.write 在 Firefox 上的 Web 控制台中不起作用.

这是一个已知错误:在 Scratchpad 窗口中使用 document.write 会出现安全错误"未定义'在 Web 控制台中

我知道错误是 Scratchpad 并且错误消息不同,但它是相同的问题.请注意 David Chan(Mozilla 安全研究员)的此评论:

<块引用>

这似乎是在沙箱中运行 WebConsole/ScratchPad 的另一个错误.

您可能记得过去能够执行此操作的原因是因为它适用于 FireBug,并且适用于 Chrome.您过去可能在使用 FCKeditor 控件时使用过其中一种环境.

After opening a webpage with exatly one FCKeditor window in it, I get the instance:

i = FCKeditorAPI.GetInstance( "txtText" )

This works. I am also allowed:

i.GetHTML() #=> <div class=".... etc., correct output

But when trying

i.SetHTML( "<h1>Quux</h1>" )

I get:

[Exception... "Security error" code: "1000" nsresult: "0x805303e8 (NS_ERROR_DOM_... etc. ]

I have an uncertain feeling, that in past, I was able to change the FCKeditor window contents with SetHTML(), but I'm not completely sure. What to do?

In response to the comment, my HTML is

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="cs" lang="cs">

<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1250" />
<meta http-equiv="Content-language" content="cs" />
<meta http-equiv="expires" content="-1" />
<meta http-equiv="pragma" content="no-cache" />
<meta http-equiv="cache-control" content="private" />
<title>Foo | Bar | WebMaker | FOO.CZ</title>
<style type="text/css" media="screen">/*<![CDATA[*/@import url(http://webmaker.ooo.cz/_design/style.css);/*]]>*/</style>
<script type="text/javascript" src="http://webmaker.ooo.cz/common.js"></script>
</head>

<body>
<div id="header">
        <span><a href="http://webmaker.ooo.cz/logout.aspx">Logout</strong></span>
</div>
    <div id="main">

        <div id="content">
            <div id="tabmenu">

            </div><!-- /tabmenu -->
            <dif id="tabcontent">
              <form name="_ctl2" method="post" action="detail.aspx?article=14599" id="_ctl2">
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE"     value="/wEPDwULLTE2MTEzz0iZG9.....reallllly..looong...strin......6qKb5or30J5DCLKTCaFR/xc8TPHb9A=" />

<script type="text/javascript">
  <!--
      var theForm = document.forms['_ctl2'];
      if (!theForm) {
          theForm = document._ctl2;
      }
      function __doPostBack(eventTarget, eventArgument) {
          if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
              theForm.__EVENTTARGET.value = eventTarget;
              theForm.__EVENTARGUMENT.value = eventArgument;
              theForm.submit();
          }
      }
   // -->
</script>

<input type="hidden" name="__EVENTVALIDATION" id="__EVENTVALIDATION" value="/wEWEQ...vsyXR4=" />
    <div class="data">
    <fieldset>
<legend>Text článku</legend>

<div><input type="hidden" id="txtText" name="txtText" value="FCK editor window contents here." /><input type="hidden" id="txtText___Config" value="HtmlEncodeOutput=true" /><iframe id="txtText___Frame" src="http://webmaker.ooo.cz/_wysiwyg/editor/fckeditor.html?InstanceName=txtText&amp;Toolbar=WebMaker" width="100%" height="400px" frameborder="no" scrolling="no"></iframe></div>  
<input type="button" onclick="GetWordsCount('txtText___Frame')" value="Zobrazit počet slov v článku" />
    </fieldset>

    <!-- There are some more fieldsets here and a submit button. -->

                  </div><!-- .data -->
              </form>
            </div><!-- tabcontent -->
</div><!-- /main -->
</body>
</html>

解决方案

FCKeditor's SetHTML method relies on a document.write call to replace the content in the edit control. Unfortunately document.write does not work from within the Web Console on Firefox.

This is a known bug: Using document.write inside Scratchpad window brings up 'Security error undefined' in Web Console

I know that error says Scratchpad and the error message is different but it's the same problem. Note this comment from David Chan (Mozilla Security Researcher):

This appears to be another bug from running WebConsole / ScratchPad in a sandbox.

The reason you probably remember being able to do this in the past is because it works in FireBug, and it works in Chrome. You've probably used one of those environments in the past when working with a FCKeditor control.

这篇关于FCKeditor JavaScript API 抛出“安全错误";代码:“1000"当我尝试 SetHTML()的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆