iron-image icon indicating copy to clipboard operation
iron-image copied to clipboard

Published 20 hours ago verified publisher icon PolymerElements

protocol relative src broken

Open IntranetFactory opened this issue 7 years ago • 4 comments

It seems that https://github.com/PolymerElements/iron-image/commit/e7ef3ae5507cfa92aeb5567e84f5c8098e7058a5#diff-3005a2eaefe34d5d0afb8d08687f8aaeR394 has broken protocol relative url in src like

"//img.youtube.com/vi/18OXnzrw1V1/maxresdefault.jpg" is e.g. resolved to "http://localhost//img.youtube.com/vi/18OXnzrw1V1/maxresdefault.jpg"

expected: the value of a protocol relative src url should not be changed

the following change fixed the issue for me:

if (resolved[0] === '/') to if (resolved[0] === '/' && resolved.indexOf('//') != 0)

IntranetFactory avatar May 21 '17 20:05 IntranetFactory

This is considered an anti-pattern. Not sure they will want to implement it.

https://www.paulirish.com/2010/the-protocol-relative-url/

stramel avatar May 26 '17 22:05 stramel

It might be seen as an anti-pattern for public sites. But there are a lot intranet sites not using SSL. We have elements which can be used both on public facing and internal sites, and these elements will show “This Page Contains Both Secure and Non-Secure Items” without protocol-relative URLs.

Besides that did protocol-relative URLs worked in the past and had been broken without notice.

IntranetFactory avatar May 27 '17 10:05 IntranetFactory

broken still? https is not always the case, I think that there should be a way to work with and without SSL (without changing the code).

govis avatar Sep 18 '17 16:09 govis

IMO this issue should be fixed, if not, use the semantic versioning to remove this feature with a minor/major update providing support to previous versions to not broke dependants component usage.

AlbertoFdzM avatar Mar 21 '18 16:03 AlbertoFdzM