XPages - extlib 9.0.1v12 and JQuery 2.11 - xpages

I have always used in my projects the latest version of the extension library for 9.01v12 9.0.1fp3 Domino
Everything works properly and well . But in this scenario, I have a large number of clients , with the terrible IE8 browser :-(
The problem is that JQuery 2.x broke support IE8 and I see errors in the code JS code JQuery .
If I try to manually put the 1.X version of JQuery everything works properly .
But the problem is that I use version EXTLIB bootstrap right now and everything is calculated and drawn on in runtime .
Do you have ideas ?
It would be enough to actually enter the following syntax in nell'extlib bootstrap Theme (upload too the JQuery 1.11.3), but I don't know how.
<resource rendered="#{javascript:context.getUserAgent().isIE(0,8)}">
<content-type>application/x-javascript</content-type>
<href>/.ibmxspres/.extlib/responsive/jquery/jquery-1.11.3.min.js</href>
</resource>
Some suggest ?

As you already said JQuery 2.x drops support for IE 8 and lower. To support IE 8 and lower, you will have to use jQuery 1.x.
I think you will have to load Bootstrap manually, and won't be able to take advantage of the latest ExtLib with built in Bootstrap. When I say manually, I mean before the latest ExtLib, the way you used to do it. You can still use the Bootstrap4Xpages openNTF project if you like, as it uses jQuery 1.11 and Bootstrap 3.2.
I wouldn't recommend using both jQuery versions in the same application. But with that being said, you asked if you can try loading the old jQuery for IE8 only. I would say that it is worth a try, but I would be surprised if everything just worked in new and old browsers.
I would also recommend storing your bootstrap code in your NSF as a resource if you are not already.
If you are forced to use bootstrap with IE 8, there will be cool things that you just won't be able to do. This was true even with version 2.3 of Bootstrap. As someone who has to support IE 8, I feel your pain.
The bottom line is that I think you are stuck doing this the old way.

Related

How to Fix the Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI

I am using opencart 1.5.6 and I am facing an issue,
Issue : "Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI" .
The jquery ui version 1.8.16 is been used in the application. Need help in fixing this issue. TIA
Do you mean the Title XSS vulnerability? You cannot really fix it in your code, but you can make sure to not pass anything that originates from user input as dialog titles (or html encode it beforehand). While this does not fix jQuery UI, it mitigates the risk in your application. (But you have to remember to do it everywhere, and in future changes too, which is not very good.)
Most of the times you should not be fixing 3rd party library vulnerabilities. Generally, the library gets fixed anyway, you just have to update, and that seems to be the case here. Use the latest verson of jQuery UI and it should be fine.
Edit:
In your case with OpenCart, this may mean upgrading OpenCart itself to its latest version, because as far as I can see, 1.5.6 depends on the vulnerable jQuery version. Whether your application is actually vulnerable to XSS or not depends on how OpenCart uses jQuery UI and whether it passes user input as dialog titles.
I assume you got this as a penetration test report finding, and the tester may have seen the vulnerable version of jQuery - that does not necessarily mean the vulnerability in your application is actually exploitable. Of course it may be.
Upgrading 3rd parties to recent versions regularly is a good practice, which helps with these kind of vulnerabilities.

Integrating third party Bootstrap CSS themes with Bootsfaces

I seem to have reached a conundrum in integrating this third party Bootstrap theme within bootsfaces. Currently what I'm trying to do is include the css/js files within the xhtml files, but that doesn't seem to display any styling or show any references to the css files when inspecting the page. Will I need to build bootsfaces from source? Any help would be greatly appreciated
Starting with BootsFaces 0.8.0, we (the BootsFaces team) have added full-blown theme support. This include the default theme, 16 Bootswatch themes which are included in the library, and arbitrary custom themes. Read the details on our showcase.
However, in earlier versions (i.e. BootsFaces 0.7.0 and below) it was a bit more difficult to get custom or third-party themes up and running. Therefore, I recommend updating to BootsFaces 0.8.x, if you're still using an older version.
Update Dec 6, 2015: Forget about my former answer. BootsFaces theming works a bit different than I thought. We've changed it in the soon-to-come BootsFaces 0.8.0, anyways. I'll update my answer as soon as I'll have worked out the details.
The default Bootstrap theme of BootsFaces is a simple file (bsf.css). If you don't activate it in the web.xml, BootsFaces runs without any theme. So your approach should work: simply add the CSS file to your XHTML page, and you're good to go. You don't have to compile BootsFaces from source.

How do I know if my browser supports SVG 2.0?

How do I know if my browser supports SVG 2.0?
(Apart from trying a feature that is supposed to work in SVG2 and realizing it's not working or that it works ...?)
From what I understand SVG 2.0 is still a work in progress with no full browser implementation.
For the more elusive features of SVG that may not be implemented by all browser you can check CanIUse to see if the feature is supported.
Asking if a browser supports SVG 2 is like asking if a browser supports HTML5. It seems like a totally reasonable question, but it doesn't work like that.
The best we can do is test if a browser supports a feature, rather than a version of spec.

Add CKEditor add-ons to <pe:ckEditor>

I am using PrimeFaces Extensions <pe:ckEditor> which is basically a server side JSF component which generates the necessary HTML/CSS/JS code output for CKEditor. It works fine, however I have a new requirement which requires me to use either the PBCKCODE or the syntaxhighlighter add-on of CKEditor.
I have successfully created a customized version with those add-ons from their website. However, I have no clue how to integrate those add-ons in <pe:ckEditor>. How can I integrate those add-ons in <pe:ckEditor>?
Is there any reason why you don't want to use the CKEditor directly in stead of using it through pe:ckEditor? At least thats what I did in our project.

Problems with Telerik MVC Grid with CSS Framework EZ-CSS

I have a page layed out with EZ-CSS. On this page I have a Telerik MVC Grid. It works just fine except that column resizing and reordering is not working. Also Ajax databinding does not work. It always uses server binding.
The same grid worked perfectly on a page not layed out with EZ-CSS. So it seems that EZ-CSS did something that is not compatible with the grid.
Any ideas?
Well, I have to apologize to the EZ-CSS guys. I figured out that the problem was that I also changed to a newer jQuery version. My fault - never do multiple changes at once. Ok, here my findings: Telerik's MVC Grid works with jQuery 1.5.1. I upgraded to 1.6.2 and that is not compatible with the grid. After going back to jQuery 1.5.1 all worked fine together with EZ-CSS.

Resources