Description
There seems to be a bug in
wiki/htdocs/applets/moinFCKplugins/selection/fckplugin.js
which lets crash IE6 ... IE8 if you place the cursor in the GUI editor right of an image and you press enter to create a new line.
Steps to reproduce
Go in GUI editor mode, place the cursor right of the image above and press enter in Internet Explorer. You will see, that it freezes.
Component selection
wiki/htdocs/applets/moinFCKplugins/selection/fckplugin.js
Details
MoinMoin Version |
1.8, 1.9 |
OS and Version |
Windows XP, Windows Vista |
Python Version |
2.6 |
Server Setup |
WikiServer.py |
Server Details |
|
Language you are using the wiki in (set in the browser/UserPreferences) |
english, Internet Explorer 7-8 |
Workaround
There seems to be a problem in an enhancement of the selection code in the FCKeditor (GUI editor) once created for MoinMoin, which in certain conditions runs in an endless loop.
Patch 1
I added a timeout cntr which breaks execution in this case.
The following patch is running in our compony wiki since three months without problems. Don't know what exactly the reason for this behaviour is.
Apply this patch:
diff -r acf949143248 wiki/htdocs/applets/moinFCKplugins/selection/fckplugin.js
--- a/wiki/htdocs/applets/moinFCKplugins/selection/fckplugin.js Sun Nov 01 14:37:14 2009 +0100
+++ b/wiki/htdocs/applets/moinFCKplugins/selection/fckplugin.js Tue Nov 03 23:04:18 2009 +0100
@@ -91,6 +91,7 @@
var parent = oRange.parentElement();
var oNode = null;
var following_text = 0;
+ var timeout = 0;
// selection in empty tag
if ( !parent.hasChildNodes() )
@@ -106,6 +107,11 @@
// and then compare start of both range(oRange, oTmpRange)
while (oNode)
{
+ timeout++;
+
+ if( timeout > 400)
+ return parent;
+
if (oNode.nodeName != "#text")
{
following_text = false;
@@ -131,6 +137,7 @@
following_text = true;
}
try {
oNode = oNode.nextSibling;
}
Hint for further research
As I was not too happy with patch 1 (it doesn't fix anything, it just limits the loop to 400 rounds), I had a look at the js code and found some suspiciously looking code:
# selection/fckplugin.js, about line 107+:
while (oNode)
{
if (oNode.nodeName != "#text")
{
# ...
}
else // oNode.nodeName == '#text'
{
# ...
try {
oNode = oNode.nextSibling; ## what can go wrong here? oNode not having a nextSibling attribute?
}
catch (e) {
if (parent.childNodes.length>=2) ## imagine the case we have >= 2 childnodes and we are currently at
{ ## childNodes[1] and we get into this exception handler here somehow.
oNode = parent.childNodes[1]; ## in that case, oNode will stay at the same node, likely triggering
## exactly the same problem again and again in an infinite loop.
## BROKEN!
}
else
{
return parent; ## similar method can be seen at another place for the other direction
}
} // end of catch
} // end of else
} // end of while
Analysis
I used the internal debugger of IE8 (thanks god that IE8 has something comparable to firebug now) to analyze the endless loop and found out, that after setting the cursor right of a picture and pressing enter the local variables window looks strange:
"Ungültiges Argument" is german for "invalid expression". I have absolutely no idea how this can happen but we could test for this and then break processing.
Discussion
Please: first find out what exactly the problem is, before trying to "fix" something.
I had this problem yesterday also and could reproduce this behavior on this wiki with IE8 on Windows XP. Pressing "Return" after an PNG image (JPG works), will freeze the internet explorer completly and you have to kill the process manualy. With Firefox I couldn't reproduce this error. MarcelHäfner Does it also happen if you disable your virus scanner?
Plan
- Priority:
- Assigned to:
- Status: