1. Zuhause
  2. Frage und Antwort
  3. Was verursacht diesen Ajax-Upload-Javascript-Fehler?

Was verursacht diesen Ajax-Upload-Javascript-Fehler?

2016-04-18 11 views
0

Ich versuche, eine Datei mit einem AjaxSubmitLink in einer mehrteiligen Form hochzuladen. Der Dateiupload selbst funktioniert einwandfrei, aber dann bekomme ich einen Javascript-Fehler in der Debug-Konsole:Was verursacht diesen Ajax-Upload-Javascript-Fehler?

ERROR: Cannot read Ajax response for multipart form submit: SecurityError: Blocked a frame with origin "http://localhost:8888" from accessing a cross-origin frame. 
ERROR: Wicket.Ajax.Call.failure: Error while parsing response: No XML response in the IFrame document

Was verursacht diese Ausnahme? (Und wie kann ich es beheben?)

Mein Code:

public class AddAttachmentPanel 
    extends Panel 
{ 
    private static final Logger LOG = LoggerFactory.getLogger(AddAttachmentPanel.class); 

    @Inject 
    IRemoteIssueService remoteIssueService; 

    Form addAttachmentForm; 

    FileUploadField fuf; 

    public AddAttachmentPanel(String id, IModel<UiIssue> uiIssueModel) 
    { 
     super(id); 
     this.setVisible(false); 
     this.setOutputMarkupId(true); 
     this.setOutputMarkupPlaceholderTag(true); 

     this.addAttachmentForm = new Form<Void>("addAttachmentForm") 
     { 
      private static final long serialVersionUID = 3350671074490969089L; 

      @Override 
      protected void onError() 
      { 
       LOG.error("Uh oh"); 
      } 

      @Override 
      protected void onSubmit() 
      { 
       super.onSubmit(); 
       try 
       { 
        File file = AddAttachmentPanel.this.fuf.getFileUpload().writeToTempFile(); 
        LOG.info("Wrote file:" + file.length()); 
       } 
       catch (Exception e) 
       { 
        // TODO Auto-generated catch block 
        e.printStackTrace(); 
       } 

       uiIssueModel.detach(); 
       WicketSession.get().info("Success!"); 
      } 
     }; 

     this.addAttachmentForm.setMultiPart(true); 
     this.addAttachmentForm.setMaxSize(Bytes.megabytes(Settings.UPLOAD_MAX_MB)); 

     this.fuf = new FileUploadField("fuf"); 
     this.fuf.setRequired(true); 

     this.addAttachmentForm.add(this.fuf); 

     this.addAttachmentForm.add(new AjaxSubmitLink("saveAttachmentLink", this.addAttachmentForm) 
     { 

      private static final long serialVersionUID = 6351225213189683847L; 

      @Override 
      protected void onAfterSubmit(final AjaxRequestTarget target, final Form<?> form) 
      { 
       super.onAfterSubmit(target, form); 
       this.send(this.getPage(), Broadcast.BREADTH, new IssueUpdatedEvent(target, uiIssueModel.getObject())); 
      } 
     }); 


     this.add(this.addAttachmentForm); 
    } 

}

Quelle

2016-04-18 RobAu

Antwort

2

Es verursacht wurde durch die X-Frame-Options Einstellung DENY (Ich tat dies im Rahmen eines OWASP-Scan).

Wechsel zu SAMEORIGIN behoben.

@Override 
protected WebResponse newWebResponse(WebRequest webRequest, HttpServletResponse httpServletResponse) 
{ 
    WebResponse response = super.newWebResponse(webRequest, httpServletResponse); 
    //Protect against clicjJacking: 
    // See https://developer.mozilla.org/en-US/docs/Web/HTTP/X-Frame-Options 
    // and http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/combating-clickjacking-with-x-frame-options.aspx 
    response.addHeader("X-Frame-Options", "SAMEORIGIN"); 
    return response; 
}

Quelle

2016-04-18 09:24:42 RobAu

Verwandte Themen

 Verwandte Themen