Last modified: 2013-12-04 15:52:13 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T24704, the corresponding Phabricator task for complete and up-to-date bug report information.
First Last Prev Next    This bug is not in your last search results.
Bug 22704 - Cross origin issue for cortado+mwEmbed player
Cross origin issue for cortado+mwEmbed player
Status: UNCONFIRMED
Product: MediaWiki extensions
Classification: Unclassified
TimedMediaHandler (Other open bugs)
unspecified
All All
: Lowest enhancement (vote)
: ---
Assigned To: Michael Dale
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2010-03-02 21:36 UTC by Derk-Jan Hartman
Modified: 2013-12-04 15:52 UTC (History)
6 users (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Derk-Jan Hartman 2010-03-02 21:36:53 UTC 
In the new webplayer, web controls are used for Cortado. On Safari, i get the following error.

Error: java.security.PrivilegedActionException: sun.plugin.liveconnect.OriginNotAllowedException: JavaScript is not from the same origin as the Java code, caller=http://commons.wikimedia.org/wiki/Main_Page, callee=http://upload.wikimedia.org/jars/cortado.jar
	at java.security.AccessController.doPrivileged(Native Method)
	at sun.plugin.liveconnect.SecureInvocation.CallMethod(SecureInvocation.java:128)
	at sun.plugin.liveconnect.SecureInvocation.access$300(SecureInvocation.java:51)
	at sun.plugin.liveconnect.SecureInvocation$CallMethodThread.run(SecureInvocation.java:177)
Caused by: sun.plugin.liveconnect.OriginNotAllowedException: JavaScript is not from the same origin as the Java code, caller=http://commons.wikimedia.org/wiki/Main_Page, callee=http://upload.wikimedia.org/jars/cortado.jar
	at sun.plugin.liveconnect.SecureInvocation.checkLiveConnectCaller(SecureInvocation.java:393)
	at sun.plugin.liveconnect.SecureInvocation.access$000(SecureInvocation.java:51)
	at sun.plugin.liveconnect.SecureInvocation$2.run(SecureInvocation.java:133)
	... 4 more

This should probably be try/caught and then switch back to Cortado native controls. It might be possible that with CORS (bug 20298) this problem could be dealt with, but I haven't tested this, nor been able to confirm it.
Comment 1 Derk-Jan Hartman 2010-03-02 22:17:42 UTC 
Possibly related useful info:

http://jimbojw.com/t/index.php?title=Opera_LiveConnect_OriginNotAllowedException
Comment 2 Andre Klapper 2013-12-04 15:51:40 UTC 
[As per bug 54063 comment 2 tentatively moving to TimedMediaHandler component + setting to lowest priority && unconfirmed, as this was filed against old code. Might be worth to just close if nobody confirms that this is still a problem.]
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.

Navigation
Links