Uploaded image for project: 'ZK'
  1. ZK
  2. ZK-1703

ZK loads remote PNGs

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Later
    • Resolution: Fixed
    • Affects Version/s: 6.5.1
    • Fix Version/s: 7.0.6
    • Component/s: ZK Loader
    • Labels:
      None

      Description

      norm.css.dsp loads two PNGs from the wild:

      background-image: url('http://www.zkoss.org/zk/img/${z:encodeWithZK("zkpowered.png")}')
      background-image: url('http://www.zkoss.org/zk/img/${z:encodeWithZK("zkuptime.png")}')

      For starters, ZK shouldn't call home like this. Secondly, the ZK webapp may not have a route to the wild. Thirdly, this causes mixed content warnings when running under HTTPS.

      Please load these images from within the webapp, and not make remote calls for them.

        Attachments

          Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. ZK-2693 HTTPS/SSL errors due to fonts.googleapis.com import

          • Normal - Normal
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. ZK-4828 remove externally loaded resources with internal refs.

          • Normal - Normal
          • Closed

            Activity

              People

              Assignee:
              Hudson Hudson
              Reporter:
              emersonf emersonf
              Votes:
              5 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: