Hi, there should be a provided solution for metadata-information-handling by OXID.
Existing solutions with embedded HTML inside these fields (e.g. to inject a version-checker-image within title-field) aren't just a rude method, its a security-matter too. Further more, if metadata.php itself is encrypted, this may end in untrusted components, because they are executed within admin-frontend! I would suggest to change from that simple php-file to some other format, for example json, removing the possability to inject harmful code (not just browser-frontend, ist server-side-executed code too). Especially having Cross-Origin-Requests within SSL-secured context should be taken a bit more serious. greets Danny -----Ursprüngliche Nachricht----- Von: [email protected] [mailto:[email protected]] Im Auftrag von Maximilian Berghoff Gesendet: Dienstag, 17. März 2015 12:01 An: [email protected] Betreff: [oxid-dev-general] Clickable logo in the module setting -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 hi, i have a question if somebody ever tried to put the url (metadata.php) under the thumbnail (metadata.php) to make it clickable? We tried to extend the template. Yea that works when the module is active - the template exists, so i can add a link into that template, but when deactivating the template it does not exist anymore -> Exception. any help? any hints? greets max - -- - -- Maximilian Berghoff Mayflower GmbH Gneisenaustraße 10/11 Tel.: +49 931 359 65 1180 D-97074 Würzburg Fax : +49 931 359 65 28 [email protected] http://www.mayflower.de Mayflower GmbH: http://mayflower.de/impressum -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJVCAlsAAoJEHNImtue0q8gXaUP/0y2zovBjFH3qIUg4UTEgVp6 zTFUmNToJ7REXi86iJ6ZUN0b8L8niJ5Zn0fyonokY9e2uvDBU10GUms3Gji63Q2A HY0f+CQKUv6G3KjnrCgEuM4KrFrfAa2t7eeqfAw0ZwhPM3rnwSyjfR2CtYSW8V5h 4rhwXRLhXMmcc9fPp0Dtk5gWwRclYV/SVlfyWnQM/ZMv/4n4UXS7CZi4/JzSRjMJ ZsC2U431iDCQ0CCsOnUZ1dvL10IebE2zpDU970XvlHhEfxaB09hhaz1sLK7wXxtR x8OtHYCcC9OwgIOpVyxsCSwQDIKqIPbxfNoxIBePWsy8BfXBjusaYHlNUz4Cf/dm K823rDLyNWfzxf4s9jyrYW0tzK6BTn9a5N4qTSRheKm7LhTIaQRg35lcyQU39TLB DOvK6Ius5xJCxOxnK9YhckXvWhOtjVrF8Fm0z5pk60YwCuJYM/gRrn6VWEegFkRW eIcLLnoPXIr5dJQs0Qdr5DChw+FkHg9SqBEEYpRxR3JFndz0YzzX2R+b+hu1Sg4s PyPq+8j7vSGiSRlPrqAagfp9Sur4Xrxpz1jt4rSfSjrOdnuHmrri/Zcwp0Rd8T6M zBxT6PiQ/aE+7sYzU0rF0RcH80AQ8N96yy6iyS5qf5Sz2Ra0zGd7d1SBSRpH/PnM SP3eYkJqN3Kv2+Ze0+WW =3QZ3 -----END PGP SIGNATURE----- _______________________________________________ dev-general mailing list [email protected] http://dir.gmane.org/gmane.comp.php.oxid.general _______________________________________________ dev-general mailing list [email protected] http://dir.gmane.org/gmane.comp.php.oxid.general
