Microsoft Content Management Server - SP2 + Security Patch + Firefox Postbacks (post KB914782)

Author

SP2 + Security Patch + Firefox Postbacks (post KB914782)

stevekgoodwin

2007-04-13, 7:15 am

I've installed SP2, the recent security patch and KB913400, KB914782,
KB913554, KB923755 (installed in that order) and Firefox postbacks
aren't working.

The version of Microsoft.ContentManagement.WebControls.dll is
5.0.5113.0 which is later than that mentioned in
http://support.microsoft.com/default.aspx?id=914782 (5.0.5104.0) which
addresses the issue (this issue does not manifest in an unpatched sp1a
environment).

The issue I see is Firefox postbacks fails on the
__CMS_PostbackForm.action = __CMS_CurrentUrl line with
"__CMS_PostbackForm is not defined":


<SCRIPT type="text/javascript">
<!--

var __CMS_PostbackFormBeenReset = false;

function __cmsRestFormAction()
{
if ( !__CMS_PostbackFormBeenReset )
{
// set form postback Url to be current translated CMS Url
__CMS_PostbackForm.action = __CMS_CurrentUrl;
}
}

Any hints?

Stefan Goßner [MSFT]

2007-04-14, 1:16 pm

Hi Steve,

please open a support case for this.
Might be a regression for this hotfix.

Cheers,
Stefan

"stevekgoodwin" <stevekgoodwin@gmail.com> wrote in message
news:1176449014.674642.45470@n59g2000hsh.googlegroups.com...
> I've installed SP2, the recent security patch and KB913400, KB914782,
> KB913554, KB923755 (installed in that order) and Firefox postbacks
> aren't working.
>
> The version of Microsoft.ContentManagement.WebControls.dll is
> 5.0.5113.0 which is later than that mentioned in
> http://support.microsoft.com/default.aspx?id=914782 (5.0.5104.0) which
> addresses the issue (this issue does not manifest in an unpatched sp1a
> environment).
>
> The issue I see is Firefox postbacks fails on the
> __CMS_PostbackForm.action = __CMS_CurrentUrl line with
> "__CMS_PostbackForm is not defined":
>
> 
> <SCRIPT type="text/javascript">
> <!--
>
> var __CMS_PostbackFormBeenReset = false;
>
> function __cmsRestFormAction()
> {
> if ( !__CMS_PostbackFormBeenReset )
> {
> // set form postback Url to be current translated CMS Url
> __CMS_PostbackForm.action = __CMS_CurrentUrl;
> }
> }
>
>
> Any hints?
>

stevekgoodwin

2007-04-23, 7:17 am

I've a support case opened for this issue, it was definitely
introduced by SP2, not MS07-018. No resolution from MS yet. I have
implemented a workaround which has let us install SP2 + the security
patch into production. I diffed the code between SP1a and SP2, and it
looks like a bug in Microsoft.ContentManagement.WebControls.dll (the
start/end blocks of javascript are injected under different
conditions), but that's just my conjecture at the moment.

WORKAROUND: Save these two lines into a file called SP2Workaround.js

__CMS_PostbackForm =3D document.forms['Form'];
__CMS_CurrentUrl =3D location.href

And include this page on all pages:

<script language=3D"JavaScript" type=3D"text/JavaScript" src=3D"/includes/
SP2Workaround.js"></script>

Steve.

On Apr 15, 12:10 am, "Stefan Go=DFner [MSFT]"
<stef...@online.microsoft.com> wrote:
> Hi Steve,
>
> please open a support case for this.
> Might be a regression for this hotfix.
>
> Cheers,
> Stefan
>
> "stevekgoodwin" <stevekgood...@gmail.com> wrote in message
>
> news:1176449014.674642.45470@n59g2000hsh.googlegroups.com...
>
>
>
>
>
>
>
>
>
>
> - Show quoted text -

Stefan Goßner [MSFT]

2007-04-23, 1:19 pm

Hi Steve,

there is a post SP2 hotfix for this:
http://support.microsoft.com/default.aspx?id=914782

I assumed you already installed this before installing the security fix.

Cheers,
Stefan

"stevekgoodwin" <stevekgoodwin@gmail.com> wrote in message
news:1177320792.040405.142740@e65g2000hsc.googlegroups.com...
I've a support case opened for this issue, it was definitely
introduced by SP2, not MS07-018. No resolution from MS yet. I have
implemented a workaround which has let us install SP2 + the security
patch into production. I diffed the code between SP1a and SP2, and it
looks like a bug in Microsoft.ContentManagement.WebControls.dll (the
start/end blocks of javascript are injected under different
conditions), but that's just my conjecture at the moment.

WORKAROUND: Save these two lines into a file called SP2Workaround.js

__CMS_PostbackForm = document.forms['Form'];
__CMS_CurrentUrl = location.href

And include this page on all pages:

<script language="JavaScript" type="text/JavaScript" src="/includes/
SP2Workaround.js"></script>

Steve.

On Apr 15, 12:10 am, "Stefan Goßner [MSFT]"
<stef...@online.microsoft.com> wrote:
> Hi Steve,
>
> please open a support case for this.
> Might be a regression for this hotfix.
>
> Cheers,
> Stefan
>
> "stevekgoodwin" <stevekgood...@gmail.com> wrote in message
>
> news:1176449014.674642.45470@n59g2000hsh.googlegroups.com...
>
>
>
>
>
>
>
>
>
>
> - Show quoted text -

stevekgoodwin

2007-04-23, 7:19 pm

Yep, hotfix 914782 is installed.

On Apr 24, 12:06 am, "Stefan Go=DFner [MSFT]"
<stef...@online.microsoft.com> wrote:
> Hi Steve,
>
> there is a post SP2 hotfix for this:http://support.microsoft.com/default.=
aspx?id=3D914782
>
> I assumed you already installed this before installing the security fix.
>
> Cheers,
> Stefan
>
> "stevekgoodwin" <stevekgood...@gmail.com> wrote in message
>
> news:1177320792.040405.142740@e65g2000hsc.googlegroups.com...
> I've a support case opened for this issue, it was definitely
> introduced by SP2, not MS07-018. No resolution from MS yet. I have
> implemented a workaround which has let us install SP2 + the security
> patch into production. I diffed the code between SP1a and SP2, and it
> looks like a bug in Microsoft.ContentManagement.WebControls.dll (the
> start/end blocks of javascript are injected under different
> conditions), but that's just my conjecture at the moment.
>
> WORKAROUND: Save these two lines into a file called SP2Workaround.js
>
> __CMS_PostbackForm =3D document.forms['Form'];
> __CMS_CurrentUrl =3D location.href
>
> And include this page on all pages:
>
> <script language=3D"JavaScript" type=3D"text/JavaScript" src=3D"/includes/
> SP2Workaround.js"></script>
>
> Steve.
>
> On Apr 15, 12:10 am, "Stefan Go=DFner [MSFT]"
>
>
>
> <stef...@online.microsoft.com> wrote:
>
>
>
>
>
>
>
>
>
>
>
>
>
> - Show quoted text -

Stefan Goßner [MSFT]

2007-04-24, 7:18 am

Hi Steve,

this is the fix that fixes the problem for SP2.
If the problem reoccurs after installing the security fix the problem is
related to the security fix and not to SP2.

Cheers,
Stefan

"stevekgoodwin" <stevekgoodwin@gmail.com> wrote in message
news:1177369982.275927.207080@p77g2000hsh.googlegroups.com...
Yep, hotfix 914782 is installed.

On Apr 24, 12:06 am, "Stefan Goßner [MSFT]"
<stef...@online.microsoft.com> wrote:
> Hi Steve,
>
> there is a post SP2 hotfix for
> this:http://support.microsoft.com/default.aspx?id=914782
>
> I assumed you already installed this before installing the security fix.
>
> Cheers,
> Stefan
>
> "stevekgoodwin" <stevekgood...@gmail.com> wrote in message
>
> news:1177320792.040405.142740@e65g2000hsc.googlegroups.com...
> I've a support case opened for this issue, it was definitely
> introduced by SP2, not MS07-018. No resolution from MS yet. I have
> implemented a workaround which has let us install SP2 + the security
> patch into production. I diffed the code between SP1a and SP2, and it
> looks like a bug in Microsoft.ContentManagement.WebControls.dll (the
> start/end blocks of javascript are injected under different
> conditions), but that's just my conjecture at the moment.
>
> WORKAROUND: Save these two lines into a file called SP2Workaround.js
>
> __CMS_PostbackForm = document.forms['Form'];
> __CMS_CurrentUrl = location.href
>
> And include this page on all pages:
>
> <script language="JavaScript" type="text/JavaScript" src="/includes/
> SP2Workaround.js"></script>
>
> Steve.
>
> On Apr 15, 12:10 am, "Stefan Goßner [MSFT]"
>
>
>
> <stef...@online.microsoft.com> wrote:
>
>
>
>
>
>
>
>
>
>
>
>
>
> - Show quoted text -