Skip to content

Commit 4e0b0d6

Browse files
github-actions[bot]github-actions[bot]
committed
1 parent bf23e06 commit 4e0b0d6

File tree

1 file changed

+74
-44
lines changed

1 file changed

+74
-44
lines changed

app/webapp/cc/Server.js

Lines changed: 74 additions & 44 deletions
Original file line numberDiff line numberDiff line change
@@ -148,54 +148,84 @@ sap.ui.define(["sap/ui/core/BusyIndicator", "sap/m/MessageBox"
148148
}
149149
},
150150
responseError(response) {
151-
// Security: Display HTML response in iframe for safe rendering
152-
BusyIndicator.hide();
151+
152+
// Security: Display HTML response in iframe for safe rendering
153+
BusyIndicator.hide();
153154

154-
// Limit response length to prevent UI issues
155-
const maxLength = 50000; // Increased for HTML content
156-
let errorMessage = String(response);
157-
if (errorMessage.length > maxLength) {
158-
errorMessage =
159-
errorMessage.substring(0, maxLength) +
160-
"\n\n<!-- Content truncated - too long -->";
161-
}
155+
// Limit response length to prevent UI issues
156+
const maxLength = 50000;
157+
let errorMessage = String(response);
158+
if (errorMessage.length > maxLength) {
159+
errorMessage = errorMessage.substring(0, maxLength) +
160+
"\n\n<!-- Content truncated - too long -->";
161+
}
162+
163+
// Create or get existing error container
164+
let errorContainer = document.getElementById("serverErrorContainer");
165+
if (!errorContainer) {
166+
errorContainer = document.createElement("div");
167+
errorContainer.id = "serverErrorContainer";
168+
errorContainer.style.cssText = `
169+
position: fixed;
170+
top: 50%;
171+
left: 50%;
172+
transform: translate(-50%, -50%);
173+
width: 90%;
174+
height: 90%;
175+
background: white;
176+
border: 2px solid #d32f2f;
177+
border-radius: 4px;
178+
box-shadow: 0 4px 6px rgba(0,0,0,0.3);
179+
z-index: 9999;
180+
display: flex;
181+
flex-direction: column;
182+
`;
183+
document.body.appendChild(errorContainer);
184+
}
162185

163-
// Create or get existing error container
164-
let errorContainer = document.getElementById("serverErrorContainer");
165-
if (!errorContainer) {
166-
errorContainer = document.createElement("div");
167-
errorContainer.id = "serverErrorContainer";
168-
errorContainer.style.cssText = `
169-
position: fixed;
170-
top: 50%;
171-
left: 50%;
172-
transform: translate(-50%, -50%);
173-
width: 90%;
174-
height: 90%;
175-
background: white;
176-
border: 2px solid #d32f2f;
177-
border-radius: 4px;
178-
box-shadow: 0 4px 6px rgba(0,0,0,0.3);
179-
z-index: 9999;
180-
display: flex;
181-
flex-direction: column;
182-
`;
183-
document.body.appendChild(errorContainer);
184-
}
186+
// Create header with close button and iframe for safe HTML rendering
187+
errorContainer.innerHTML = `
188+
<div style="padding: 15px; background: #d32f2f; color: white; display: flex; justify-content: space-between; align-items: center;">
189+
<h3 style="margin: 0;">Server Error - Please Restart The App</h3>
190+
<button id="errorCloseBtn" style="background: rgba(255,255,255,0.2); color: white; border: 1px solid white; padding: 5px 15px; cursor: pointer; border-radius: 3px; font-size: 16px;">
191+
✕ Close
192+
</button>
193+
</div>
194+
<iframe id="errorIframe" style="width: 100%; height: 100%; border: none; flex: 1;" sandbox=""></iframe>
195+
`;
185196

186-
// Create header and iframe for safe HTML rendering
187-
errorContainer.innerHTML = `
188-
<div style="padding: 15px; background: #d32f2f; color: white; display: flex; justify-content: space-between; align-items: center;">
189-
<h3 style="margin: 0;">Server Error - Please Restart The App</h3>
190-
</div>
191-
<iframe id="errorIframe" style="width: 100%; height: 100%; border: none; flex: 1;" sandbox="allow-same-origin"></iframe>
192-
`;
197+
// Get iframe element
198+
const iframe = document.getElementById("errorIframe");
199+
const closeBtn = document.getElementById("errorCloseBtn");
193200

194-
// Render HTML in iframe (sandbox for security)
195-
const iframe = document.getElementById("errorIframe");
196-
iframe.contentDocument.open();
197-
iframe.contentDocument.write(errorMessage);
198-
iframe.contentDocument.close();
201+
// Render HTML in iframe with strictest sandbox (no permissions)
202+
try {
203+
iframe.contentDocument.open();
204+
iframe.contentDocument.write(errorMessage);
205+
iframe.contentDocument.close();
206+
} catch (e) {
207+
// Fallback: If iframe fails, show error message
208+
console.error('Could not render error in iframe:', e);
209+
iframe.style.display = 'none';
210+
const errorDiv = document.createElement('div');
211+
errorDiv.style.cssText = 'padding: 20px; overflow: auto; flex: 1;';
212+
errorDiv.textContent = 'Error rendering server response. Check console for details.';
213+
errorContainer.appendChild(errorDiv);
214+
}
215+
216+
// Close button handler
217+
closeBtn.addEventListener('click', function() {
218+
errorContainer.remove();
219+
});
220+
221+
// Close on Escape key
222+
const escapeHandler = function(event) {
223+
if (event.key === 'Escape') {
224+
errorContainer.remove();
225+
document.removeEventListener('keydown', escapeHandler);
226+
}
227+
};
228+
document.addEventListener('keydown', escapeHandler);
199229

200230
},
201231
};

0 commit comments

Comments
 (0)