Double // in path to normal.js | WordPress.org

Justin Jones
(@jjonesftw)

11 years ago

Hello, I’m getting these errors in my Chrome console:

GET http://domain.tld/wp-content/plugins/tubepress//src/main/web/players/normal/normal.js 403 (Forbidden) tubepress.js:1
Unsafe JavaScript attempt to access frame with URL http://domain.tld/video/ from frame with URL http://www.youtube.com/embed/pbgl86zx5NY?wmode=opaque&autohide=2&autoplay=0&enablejsapi=1&fs=1&loop=0&modestbranding=0&rel=0&showinfo=0. Domains, protocols and ports must match.

Basically, I’m concerned about the // in the path to normal.js because I use some .htaccess rules to increase security. See http://perishablepress.com/5g-firewall-beta/ That’s why the file is returning 403. I’ve removed that line from .htaccess for now, but I’m concerned that’s a security risk.

Is the // intended behavior? Or did I incorrectly configure something?

FYI- I’m hosting on a VPS running Ubuntu 10.04 and Apache

http://wordpress.org/extend/plugins/tubepress/

Viewing 1 replies (of 1 total)

Plugin Author Eric
(@k2eric)

11 years ago

The // is a typo, and in this case is relatively benign as the duplicate slash is ignored by browsers.

You should be able to change this line from:

return $tubepress_base_url . '/' . $player->getRelativePlayerJsUrl();

to

return $tubepress_base_url . $player->getRelativePlayerJsUrl();

Give that a try and let us know? If it works for you as well I’ll include the fix in the next release of TubePress. Thanks.

Viewing 1 replies (of 1 total)

The topic ‘Double // in path to normal.js’ is closed to new replies.

In: Plugins
1 reply
2 participants
Last reply from: Eric
Last activity: 11 years ago
Status: not resolved