Ask a Question

Iframe is default set to display: inline

Hi there, we are currently developing a plugin which has a custom config view. The Problem is that regardless of the heigt of the content of the iframe, there is always a scroll bar, which makes it look a bit ugly. We found that the iframe element insidie of the coyo-iframe component has the css property "display: inline" which is the standard behaviour of an iframe. However this causes the scrollbar to always appear. Is there any way, we could set the iframe to a block element (display: "block"). This would solve the scrollbar problem, at least for this specific use case. Best regards Chris Langenberg

Bug Bounty Program Info

Hey team, I have found a critical bug in coyo which leads to sensitive information disclosure where can i report that bug?And do u have any bug bounty program?

Scrolling behavior for navigation with different content height

I am using the "observeHeight" function provided by the plugin adapter. And have noticed the following: Given: I have a plugin whose content causes the COYO page to display a scrollbar. Now, if I navigate between two pages within my plugin without scrolling on the COYO page, the COYO page scrolls down to the point where the top of the plugin is the top edge of the COYO page. Correct and expected behavior. However, if I now scroll down a bit on the COYO page itself and navigate back and forth between the two pages, the top edge of the COYO page is suddenly somewhere in the middle of my plugin. However, it should also start at the top as if I hadn't scrolled at all. My questions now are: is it the desired behavior? Or is it a known issue and is there a workaround? Best Regards André

Config View Width

Hey, I tried to influence the width of the custom config view dialog. The docs mention the format "{width}:{height}". I had no luck...tried different variations but saw no difference. Our plugins send updates via plugin-adapter during the entrypoint lifetime. I also disabled that just for testing. No luck :( Is that still working? BR, Lars.

The "static" Keyword broke the build Process

Hi there :) I am using Quasar with webpack for the frontend of my Plugin. I updated to the newest Version of the Plugin Adapter ( 1.1.0 ) and it broke the build of the frontend because of the static keyword from your plugin. This is used at 2 locations in the Plugin adapter: ```js export class PluginAdapter { static CONFIG_SRC_SUFFIX = '-cfg'; jwkStore; initAdapter; ``` and ```js export class JwkStore { static instance; localCryptoKeys = []; remoteCryptoOrigins = []; ``` I resolved the issue by adding the 'babel-loader' for the coyoapp folder in node_modules. **So if anyone stumbles across this, here is the solution i used:** ```js cfg.module.rules.push({ test: /\.js$/, include: path.resolve(__dirname, 'node_modules/@coyoapp'), use: [{ loader: 'babel-loader', }], }); ```

Iss attribute missing on 'init' token

Hi there :) I just upgraded to the newest Version of the Plugin Adapter and noticed, that the iss attribute, which should hold the current haiilo url according to your documentation, is missing. We need that attribute for our licencing system. So my question is: Will it come back or do i need to think of another way to get the current haiilo url? Best Regards Chris

Multilingual feature of Haiilo / COYO for Custom Plugins / Widgets?

In the context mentioned above, we (as third party plugin provider) have become aware of a problem regarding multilingualism. Your product basically allows multilingualism for your widgets. Unfortunately, this does not seem to work identically for 3rd party plugins / widgets. E.g. a poll once created in a content app of a page is copied 1:1 during translation of the content app, but as soon as you change the translated version, the "original" is also changed. Is the issue of multilingualism for custom plugins not possible in this way, or not possible at all?f

ERR8 "URL for CryptoKey not trusted."

We have our plugin in use in a COYO instance that is not running on the domain *.coyocloud.com. If the Coyo-plugin is included on a page, the error ERR8 "URL for CryptoKey not trusted." is displayed in the plugin. What do we need to do?

The data provided is invalid

I get a "The data provided is invalid" error message when I add a widget to a page in the "Edit-View". The selected entryPoint contains a text field for configuration. When saving the view, the request /web/widgets gets a 400 error code. The error message in the response mentioned "permissions". But what permissions do I need? 😅 Best, Simon Payload: {"insertedLayouts":[],"updatedLayouts":[],"deletedLayouts":[],"insertedWidgets":[{"slot":"layout-landing-page-04692d4d-4eb5-411c-8a2e-7282abd51df9-slot-header","widget":{"tempId":"540bd49e-195f-4f02-85a9-c6db8bf1829b","key":"plugin-03cfca76-9017-454c-a726-181a9ad1ffa9","parent":{"id":"04692d4d-4eb5-411c-8a2e-7282abd51df9","typeName":"landing-page"},"settings":{"_entryPointId":"4f434887-9289-48ac-986d-4ff1f37ab618","_srcId":"732a3dd5-6b1a-40d1-810c-512dfa7a282e-1aa4cf46-a278-4916-934b-ed710fd8847c","_config_episodeId":"61f2cd36-e68a-4f52-9f9f-2d9cd1065a9e"}}}],"updatedWidgets":[],"deletedWidgets":[],"slotOrders":[{"slot":"layout-landing-page-04692d4d-4eb5-411c-8a2e-7282abd51df9-slot-header","parent":{"id":"04692d4d-4eb5-411c-8a2e-7282abd51df9","typeName":"landing-page"},"widgetIds":["6b5d38d8-8f9c-43d3-8505-d6b0ce8deab3","540bd49e-195f-4f02-85a9-c6db8bf1829b"]}]} Response: {"errorStatus":"INVALID_ARGUMENTS","requestUri":"/web/widgets","timestamp":1647509371927,"context":{"message":"permissions"}}

Certificates docs vs news

Hej! trying to take security seriously we send the init-JWT to our plugin server and verify it against the published certificates. We ran into some problems and after some digging it seems the documentation just need an update: The navigation contains links to the (old?) certificates: https://dev.coyoapp.com/docs This changelog news entry contains links to all (incl. new) certs: https://dev.coyoapp.com/changelog/plug-in-certificate-change It would be great if you could align the documentation regarding the new certificates or give some explicit instructions which certificates should be used. BR, Lars.