Comments (14)
Ah, this is a CORS issue cause the static files are on S3. Seems like the simplest solution is to update the app to have the tinymce files come from the app instead of S3.
http://stackoverflow.com/questions/572025/tiny-mce-popups-blank-in-django-admin
--
Cezar Jenkins
@emperorcezar
On December 5, 2013 at 4:18:01 PM, Sheila Miguez ([email protected]) wrote:
When trying to use one of the widgets like anchors, the url goes to an empty s3 page...
http://s3.amazonaws.com/chipy/tiny_mce/themes/advanced/anchor.htm
—
Reply to this email directly or view it on GitHub.
from chipy.org.
Can you make something like http://cdn.ChiPy.org/
point to the s3 bucket and use that as the STATIC_URL? I believe that takes care of this issue. Guess we'd have to add document.domain = "chipy.org";
to the tinymce js files too.
from chipy.org.
I've used this package before without issue https://github.com/ottoyiu/django-cors-headers
from chipy.org.
If someone wants to throw that together, I'd be happy to deploy it.
from chipy.org.
I don't think that solves the problem; we need the S3 bucket to respond to CORS requests with appropriate headers, not the ChiPy Django app.
The S3 instructions boil down to creating the below XML document and adding it as the cors
subresource to the bucket.
<CORSConfiguration>
<CORSRule>
<AllowedOrigin>*</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
</CORSRule>
</CORSConfiguration>
Can you try that?
from chipy.org.
Thanks. You're right. I had it backward. Issue now is that S3 won't return
the CORS headers unless the request includes an Origin header.
On Sun, May 4, 2014 at 4:17 PM, Adam Forsyth [email protected]:
I don't think that solves the problem; we need the S3 bucket to respond to
CORS requests with appropriate headers, not the ChiPy Django app.The S3 instructionshttp://docs.aws.amazon.com/AmazonS3/latest/dev/cors.htmlboil down to creating the below XML document and adding it as the
* GET
cors subresource to the bucket.Can you try that?
—
Reply to this email directly or view it on GitHubhttps://github.com//issues/54#issuecomment-42145346
.
from chipy.org.
The bucket appears to be working correctly for GET requests.
"Preflight" CORS requests seem to be 403ing. I think I misread the example rules. Can you try:
<CORSConfiguration>
<CORSRule>
<AllowedOrigin>*</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
<AllowedMethod>PUT</AllowedMethod>
<AllowedMethod>POST</AllowedMethod>
<AllowedMethod>DELETE</AllowedMethod>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>
which should allow everything? I think the AllowedHeader
part is what was missing.
from chipy.org.
The issue, as far as I can tell, isn't the CORS settings at this point.
Because TinyMCE is loading the JS in iframes and not using XHR, there are
not preflight requests and no Origin
header. Without and Origin
header,
s3 wont' return the CORS headers.
Seems the only option is to use the subdomain trick and set
document.domain, or switch WYSIWYG editors. I'm going to try switching
editors first before I start with hacks.
On Mon, May 5, 2014 at 8:03 PM, Adam Forsyth [email protected]:
The bucket appears to be working correctlyhttp://client.cors-api.appspot.com/client#?client_method=GET&client_credentials=false&server_url=http%3A%2F%2Fchipy.s3.amazonaws.com%2Ftiny_mce%2Fplugins%2Finlinepopups%2Fskins%2Fclearlooks2%2Fimg%2Fbuttons.gif&server_enable=true&server_status=200&server_credentials=false&server_tabs=remotefor GET requests.
"Preflight" CORS requests seem to be 403ing. I think I misread the example
_ GET PUT POST DELETE _
rules. Can you try:which should just allow everything? I think the AllowedHeader part is
what was missing.—
Reply to this email directly or view it on GitHubhttps://github.com//issues/54#issuecomment-42258319
.
from chipy.org.
I turned off tinymce for flat pages till we get it sorted out, you can edit
the html directly.
On Mon, May 5, 2014 at 8:29 PM, Adam "Cezar" Jenkins <[email protected]
wrote:
The issue, as far as I can tell, isn't the CORS settings at this point.
Because TinyMCE is loading the JS in iframes and not using XHR, there are
not preflight requests and noOrigin
header. Without andOrigin
header,
s3 wont' return the CORS headers.Seems the only option is to use the subdomain trick and set
document.domain, or switch WYSIWYG editors. I'm going to try switching
editors first before I start with hacks.On Mon, May 5, 2014 at 8:03 PM, Adam Forsyth [email protected]:
The bucket appears to be working correctlyhttp://client.cors-api.appspot.com/client#?client_method=GET&client_credentials=false&server_url=http%3A%2F%2Fchipy.s3.amazonaws.com%2Ftiny_mce%2Fplugins%2Finlinepopups%2Fskins%2Fclearlooks2%2Fimg%2Fbuttons.gif&server_enable=true&server_status=200&server_credentials=false&server_tabs=remotefor GET requests.
"Preflight" CORS requests seem to be 403ing. I think I misread the
_ GET PUT POST DELETE _
example rules. Can you try:which should just allow everything? I think the AllowedHeader part is
what was missing.—
Reply to this email directly or view it on GitHubhttps://github.com//issues/54#issuecomment-42258319
.
from chipy.org.
Great, thanks.
from chipy.org.
Just came across this, would easily solve the issue, https://github.com/kennethreitz/dj-static
from chipy.org.
Any updates on this?
from chipy.org.
I have the backend using html for now. TinyMCE doesn't use an Origin header
so it's not going to work with S3. Kenneth Reitz has a good package for
Django that does static file hosting[0]. My next step is to use that for
the site so everything is on the domain.
[0] https://github.com/kennethreitz/dj-static
On Sun, Jun 1, 2014 at 11:53 AM, Brian Ray [email protected] wrote:
Any updates on this?
—
Reply to this email directly or view it on GitHub
#54 (comment)
.
from chipy.org.
This is now working.
from chipy.org.
Related Issues (20)
- As an Administrator I want Django Recaptcha for Captchas
- Upcoming Meetings Lost under the Fold
- Add Slack Invite Links to Portal HOT 3
- "Directions" text is displayed twice on the event page HOT 3
- Not clear how to log an issue
- Buddy Mentorship App HOT 2
- joining slack HOT 1
- need a friendly URL for potential presenters HOT 1
- Talk submission notifications are broken HOT 1
- Improve Speaker Form - Slide Link Documentation/Code fixes
- Improve Speaker Form - Simplify License HOT 2
- Improve Talk Submissions - Email Notifications for Speakers
- Talk topics should link to the meeting they were scheduled for, if applicable
- Separate Topics from meetings in list displays
- Separate sections in "my talks" for past talks and proposed talks
- Talk dashboard should show upcoming meetings and possible topics HOT 1
- upcoming_events shows previous evewnts HOT 2
- past meeting page has "submit a talk" link HOT 2
- Submit a Talk link 404 HOT 1
- past meetings list - SIGs are distracting HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from chipy.org.