Bug 1905416
| Summary: | Hyperlink not working from Operator Description | ||||||
|---|---|---|---|---|---|---|---|
| Product: | OpenShift Container Platform | Reporter: | Siddhant More <simore> | ||||
| Component: | Management Console | Assignee: | Jon Jackson <jonjacks> | ||||
| Status: | CLOSED ERRATA | QA Contact: | Siva Reddy <schituku> | ||||
| Severity: | low | Docs Contact: | |||||
| Priority: | low | ||||||
| Version: | 4.6 | CC: | aos-bugs, jokerman, jonjacks, krizza, sbhavsar, schituku, yapei | ||||
| Target Milestone: | --- | Keywords: | UpcomingSprint | ||||
| Target Release: | 4.7.0 | ||||||
| Hardware: | x86_64 | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: |
Cause: Operator descriptions are rendered in a sandboxed iframe, which disables javascript within that iframe.
Consequence: When user clicks a `target="_blank"` link within a sandboxed iframe, the sandbox limitations are inherited by the new tab, so javascript will not run on pages that are externally linked this way.
Fix: Add `allow-popups-to-escape-sandbox` to operator description iframe sandbox attribute, which opens new tabs outside of the sandbox.
Result: External links from operator description iframes now open and run normally.
|
Story Points: | --- | ||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2021-02-24 15:41:14 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
Moving this to Console, as this appears to be an issue with the UI. I tried the steps but didn't reproduce the issue, when I click on the hyperlinks in Description all links are opened `IBM Cloud Transformation Advisor`(hyperlink1) helps you plan, prioritize, and package your on-premise workloads for modernization on OpenShift Container Platform. Documentation for the product can be found `here`.(hyperlink2) I checked both on 4.6 and 4.7 Hi Yadan, Thanks for looking into this. I am still seeing the aforementioned issue. Can you confirm when you click(Left mouse click) on the hyperlink the page opens in a new tab, BUT the web-page content is blank? With a "Right-click + open in a new tab", the page opens in a new tab AND the web-page content loads as expected. I will soon share images of what I see and am meaning to say in order to showcase the issue. You are right Siddhant, I can reproduce your issue today and got exactly the same results with you it looks like when we left click the links, the content is blocked by browser Now instead of "here" link the urls are hard coded into the description. Not sure if it is intended solution so returning the bug back.
the pr is part of the commit
# git log 4aee12793b7c5e3594e5963bafc3d33bad026857 | grep '#7797'
Merge pull request #7797 from TheRealJon/1905416
Version:
4.7.0-0.nightly-2021-01-25-231006
Steps to reproduce:
the same exact steps mentioned in the bug description (https://bugzilla.redhat.com/show_bug.cgi?id=1905416#c0).
attached the screen shot of the issue.
Created attachment 1751079 [details]
URL instead of here link
Hi Siva,
>> Now instead of "here" link the urls are hard coded into the description. Not sure if it is intended solution so returning the bug back.
-> This is not an intended solution. The customer has modified the description to have the URL hardcoded so the end-users can copy->paste the URL into a browser and reach the destination page that will load the web page content completely. (Since it is the same as right-click, copy URL and then paste)
I believe the reason you are seeing the URL hardcoded in the description is that you chose to install v2.3 of the operator. Install the "stable" version of the operator and you will be able to see the hyperlinks. I can confirm the same at the time of writing this comment as I deployed the operator and verified it right now. The same about selecting the stable channel is mentioned in the bug description.
~~
~ IMP: Select "Update Channel" as "stable"
~~
I request you to give it a shot with the stable channel.
Thanks!
Follow the exact steps in https://bugzilla.redhat.com/show_bug.cgi?id=1905416#c0 After operator installed successfully, check Installed Operators description: `IBM Cloud Transformation Advisor` helps you plan, prioritize, and package your on-premise workloads for modernization on OpenShift Container Platform. Documentation for the product can be found `here`. click on the two hyperlinks and all pages are opened successfully Verified on 4.7.0-0.nightly-2021-02-02-164630 Clear my NEEDINFO Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2020:5633 The needinfo request[s] on this closed bug have been removed as they have been unresolved for 500 days |
Description of problem: There is an URL in CU's custom operator description section that redirects to a page outside of OCP. ~ When we click on this URL the external page fails to load. ~ When we open the URL in a new tab(Right-click + open in new tab) the page loads fine. Version-Release number of selected component (if applicable): RHOCP 4.6.z How reproducible: Always Steps to Reproduce: ================ - Prereq: ~ Create a project: ``` # cat ns.yaml kind: Project apiVersion: project.openshift.io/v1 metadata: name: ta-sample # oc create -f ns.yaml ``` ~ Create role binding `` # cat crb.yaml kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: name: ta-sample-cluster-admin subjects: - kind: ServiceAccount name: ta-operator namespace: ta-sample roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-admin # oc create -f crb.yaml `` - Install the operator. ~ Login to web-console ~ Navigate to Operator Hub ~ Search for "Transformation Advisor Operator" ~ Click "Install" ~ IMP: Select "Update Channel" as "stable" ~ Installed Namespace: Select the one we created(ta-sample) ~ Click "Install" ================ Actual results: Now that the operator is installed, check the following text from the operator description: ~~~ `IBM Cloud Transformation Advisor` helps you plan, prioritize, and package your on-premise workloads for modernization on OpenShift Container Platform. Documentation for the product can be found `here`. ~~~ Clicking on the hyperlink from the above text doesn't load the page. Expected results: Clicking on the hyperlinks should load the page. Additional info: The Operator Description contains a simple and valid link to a page on the partner's web site. However, when a user clicks on the link, the browser starts loading the target page, https://www.ibm.com/garage/method/practices/learn/ibm-transformation-advisor, which has a JavaScript link in the HTML header. This immediately causes the browser to abort the page load, because the iframe in which the loading is taking place was not configured by the OCP web server to allow off-site script execution.