Opened 8 years ago

Last modified 5 years ago

#6368 confirmed Bug

Chrome: Insert Image dialog causes extra http request on closing

Reported by: jpatey@editure.co.uk Owned by:
Priority: Normal Milestone:
Component: General Version: 3.0
Keywords: Cc:

Description (last modified by Frederico Caldeira Knabben)

In chrome an additional request is produced whenever I open the image dialogue and then ok/cancel it.

  1. Open ckeditor.com/demo and open the developer tools to track requests.
  2. Click the 'Insert Image' button to display the image preview dialog.
  3. Click Cancel.
  4. A request is made relative to the current page location (so the html page ckeditor.com/demo) - The console also displays the warning 'Resource interpreted as image but transferred with MIME type text/html'

It looks like its caused during the dialog cleanup. The <img> tag src attribute is set to '' in /plugins/image/dialogs/image.js - which causes a relative request.

Browser: chrome 5.0.375.86 OS: Ubuntu 9.04

Change History (9)

comment:1 Changed 8 years ago by jpatey@editure.co.uk

Oops I screwed up wiki formatting Last line should read:The <img> tag src attribute is set to EMPTY_STRING in /plugins/image/dialogs/image.js - which causes a relative request.

comment:2 Changed 7 years ago by oliverseal

I can second this. It's killed my csrf-checking because of the extra request. On Chrome/Safari/Webkit it calls the current url expecting an image (but in my case getting text/html). In IE it calls the directory of the current page. (Regardless of OS)

In commit 7176 on svn, this is in plugins/image/dialogs/image.js on line 569. I'm sure there is good reason for this, but it's bad for my site. I commented it out in my source.

Anyone else stumbles on this bug while trying to figure it out: open the source file plugins/image/dialogs/image.js, do a search for element.setAttribute( 'src', ); comment it out or delete it. OR set it to a static image url you know exists and don't mind the request going to.

Due to the custom nature and preference each dev may have (deleting the line or pointing to a static image), I'm not creating a patch for this fix.

comment:3 Changed 7 years ago by Jakub Ś

Keywords: Webkit added
Status: newconfirmed
Version: 3.4.13.0

This is reproducible in all browsers. All return 404 when relative URL is used but only Chrome treats it as potential threat.

Perhaps changing this to some dummy image included in image plugin isn't such a bad idea?

Last edited 7 years ago by Jakub Ś (previous) (diff)

comment:4 Changed 7 years ago by Jakub Ś

Keywords: Webkit removed

comment:5 Changed 7 years ago by Jakub Ś

Ticket #8602 has proposed fix to this issue.

comment:6 Changed 7 years ago by Frederico Caldeira Knabben

Description: modified (diff)

comment:7 in reply to:  5 Changed 7 years ago by Frederico Caldeira Knabben

Replying to j.swiderski:

Ticket #8602 has proposed fix to this issue.

#8602 has nothing to do with this issue, unfortunately.

comment:8 Changed 5 years ago by Jakub Ś

We have another problem concerning this behaviour: #10687. Perhaps both can be fixed with changing mime type to application/javascript or text/javascript - http://stackoverflow.com/questions/3467404/chrome-says-resource-interpreted-as-script-but-transferred-with-mime-type-text

comment:9 Changed 5 years ago by oliverseal

Isn't that more of a server-side issue than a client-side one?

Note: See TracTickets for help on using tickets.
© 2003 – 2017 CKSource – Frederico Knabben. All rights reserved. | Terms of use | Privacy policy