Under Review
Last Updated: 09 Nov 2020 16:45 by ADMIN
Created by: Dave
Comments: 0
Category: ComboBox
Type: Bug Report
1

The OnClientTextChange event is triggered inconsistently in RadComboBox.

Typing custom text in the following RadComboBox and pressing enter does not fire the event:

        <script lang="javascript" type="text/javascript">
            function OnClientTextChange(sender, eventArgs) {
                alert("You typed " + sender.get_text());
            }
        </script>

        <telerik:RadComboBox
            ID="RadComboBox1"
            runat="server"
            AllowCustomText="true"
            OnClientTextChange="OnClientTextChange">
            <Items>
                <telerik:RadComboBoxItem Text="item1" Value="item1" />
                <telerik:RadComboBoxItem Text="item12" Value="item12" />
                <telerik:RadComboBoxItem Text="aaaa" Value="aaa" />
                <telerik:RadComboBoxItem Text="bbbb" Value="bbb" />
                <telerik:RadComboBoxItem Text="AAAA1" Value="AAAA1" />
                <telerik:RadComboBoxItem Text="bbbb1" Value="bbb1" />
                <telerik:RadComboBoxItem Text="item11" Value="item11" />
            </Items>
        </telerik:RadComboBox>

Under Review
Last Updated: 29 Sep 2020 12:46 by ADMIN
Created by: Dhiraj
Comments: 3
Category: UI for ASP.NET AJAX
Type: Bug Report
1

Greetings!

Description:

I have found a Cross-Site Scripting issue in the rich text editor, RadEditor. This is not in a body where user provides certain strings, rather it's in the text properties which gets sent along with the user input, such as font-style. The developers were able to follow the filtering mechanisms given in at https://docs.telerik.com/devtools/aspnet-ajax/controls/editor/managing-content/prevent-cross-site-scripting-(xss), but it provides protection for the inputs given in <textarea>, and for the properties values. Hence XSS is still possible

 

Steps for Reproduction:

 

1. Open up the text editor {{Screenshot 2020-09-23 at 12.08.51 PM.png}}

2. Input a string and change its font style.

3. Click on submit and intercept the request. {{Screenshot 2020-09-23 at 12.14.45 PM.png}}

4. Now we need to modify the request body for parameter of texteditor's ID. You may notice that the font-style is set and sent by using a <span>.

RadEditor1=%253cspan%20style%253d%2522font-family%253a%20%2527MS%20Sans%20Serif%2527%253b%2522%253etextexttext%253c%2Fspan%253e

Change parameter 'RadEditor1's value with the following:

RadEditor1=%253cspan%20onmouseover%253d%2522document.body.innerHTML%253d%2527ioioioioioioioioo%2527%252bdocument.cookie%2522%20style%253d%2522font-family%253a%20%2527MS%20Sans%20Serif%2527%253b%2522%253etextexttext%253c%2Fspan%253e

5. Submit and notice the 200 OK response. Now go to the text editor and notice that the string texttexttext can be seen. {{Screenshot 2020-09-23 at 12.24.18 PM.png}}

6. Put a mouse cursor on the string and notice that it gets changed to ioioioioioioioioo<domainCookies>.

 

##################

Please let me know if given information doesn't suffice the abilities for reproduction.

 

Thanks,

Dhiraj

Under Review
Last Updated: 21 Sep 2020 11:56 by ADMIN

We used Telerik in our application. The network team reported a spam in it.

Using Telerik grid with SortExpression in telerik:GridTemplateColumn, has been reported as high priority network issue.

 

Issue name : Ajax request header manipulation (DOM-based)

 

Recorded the issue in below snippet of responce.

onclick="Telerik.Web.UI.Grid.Sort()"

 

Please let me know if you have any suggestions.!!!

Under Review
Last Updated: 18 Sep 2020 12:53 by ADMIN

Reproduction of the issue

RadGrid declaration

<telerik:RadButton runat="server" Text="PostBack"  AutoPostBack="true"></telerik:RadButton>
<telerik:RadGrid runat="server" ID="RadGrid2">
    <MasterTableView DataKeyNames="Column1" ClientDataKeyNames="Column1" CommandItemDisplay="Top">
            <Columns>
            <telerik:GridBoundColumn UniqueName="Col1" DataField="Column1" HeaderText="Col1"s></telerik:GridBoundColumn>
                <telerik:GridBoundColumn UniqueName="Col2" DataField="Column2" HeaderText="Col2"></telerik:GridBoundColumn>
                <telerik:GridBoundColumn UniqueName="Co13" DataField="Column3" HeaderText="Co13"></telerik:GridBoundColumn>
                <telerik:GridBoundColumn UniqueName="Col4" DataField="Column4" HeaderText="Col4"></telerik:GridBoundColumn>
        </Columns>
    </MasterTableView>
    <ClientSettings ReorderColumnsOnClient="false" AllowColumnsReorder="true">
            <DataBinding Location="~/Api/RevCodeGrid" SelectMethod="GetDataAndCount2"   >
        </DataBinding>
    </ClientSettings>
</telerik:RadGrid>

 

RevCodeGridController

public class Test
{
    public String Column1 { get; set; }
    public String Column2 { get; set; }
    public String Column3 { get; set; }
    public String Column4 { get; set; }
}


[HttpPost]
public virtual RadGridResultData GetDataAndCount2(object context)
{
    List<Test> items = new List<Test>();
    items.Add(new Test() { Column1 = "1", Column2 = "A", Column3 = "A1", Column4 = "A12" });
    items.Add(new Test() { Column1 = "2", Column2 = "B", Column3 = "B1", Column4 = "B12" });
    items.Add(new Test() { Column1 = "3", Column2 = "C", Column3 = "C1", Column4 = "C12" });
    items.Add(new Test() { Column1 = "4", Column2 = "D", Column3 = "D1", Column4 = "D12" });

    return new RadGridResultData { Data = items, Count = items.Count };
}

 

 

 

 

 

 

 

Under Review
Last Updated: 24 Aug 2020 14:42 by ADMIN

Example demo: https://demos.telerik.com/aspnet-ajax/combobox/examples/overview/defaultcs.aspx

And here's what JAWS sees:

Note the extra unlabeled "Button" following every combo box. This is confusing to the reader. They have no way to know that it is associated with the preceding field.

Additionally, I've noted that when aria-support is turned on, this button becomes focusable. Tabindex="0" is added to the span inside the text box. We prefer the older functionality where the button was not a tab stop. Which is the same behavior you have when aria support is turned off. For reference, see your own aria demo:

Note that the tab key stops on the drop down arrow. (You can check the previously linked demo and see that the arrows in those boxes are not tab stops.)

If right-click the arrow and inspect, you'll find the following: 

<span id="ctl00_ContentPlaceholder1_RadComboBox2_Arrow" class="p-icon p-i-arrow-60-down" role="button" aria-controls="ctl00_ContentPlaceholder1_RadComboBox2_listbox" tabindex="0"></span>

Adding aria support should not change behavior, so we'd prefer the tab stop was removed.

In our own application, we have additional problems when the button is focused and activated with either the "space" or "enter" keys, it refocuses the field, but it does not actually open the drop down. I do not see that problem in your demo. However, if the arrow button was removed as a tab stop and from the INS+F5 dialog, this would not be a problem.

Please note that all of the above is in Chrome. 

Workaround: 

Using the following code in the OnClientLoad event of the ComboBox:

  var _DropDown_OnClientLoad = function (sender, args) {
    var input = sender.get_inputDomElement();

    //Remove tabindex from down-arrow button. We never want to focus this button.
    $telerik.$(input).siblings("button").find("[role=button]").attr("tabindex", null);

    //hide the down-arrow button from screen readers. The entire combo box
    //should be considered a single control.
    $telerik.$(input).siblings("button").attr("aria-hidden", "true");
}

 

Under Review
Last Updated: 04 Aug 2020 11:17 by ADMIN
When setting client events in a RadTextBox and using an EmptyMessage, the EmptyMessage will trigger the event on page load.  This is true for a multiple TextMode but others are untested. 
Under Review
Last Updated: 03 Jan 2020 14:15 by ADMIN
We are using List box item scroll into view to scroll to the item selected in the list box. However, the scroll is not working in the Chrome browser in a UHD touch screen laptop device.
Under Review
Last Updated: 02 Jan 2020 16:48 by ADMIN
RadCodeBLock and RadScriptBlock is not able to handle the server tags for all case scenarios, hence RadAjaxManager throws the exception mentioned in the title.
Under Review
Last Updated: 11 Nov 2019 10:34 by ADMIN
Scheduled for 2018.R1

In Internet Explorer version 11.418.18362.0, when hovering over the lower-right dot the cursor doesn't change to the expected cross-hair. 

 

To Reproduce:

1. Open IE11

2. Navigate to the ASP.NET Spreadsheet Demo

3. Highlight a few cells

4. Hover the cursor over the lower-right dot

Expected Behavior:

The cursor changes to a thin cross-hair icon but it doesn't change in IE 11.

Under Review
Last Updated: 02 Sep 2019 14:59 by ADMIN
In Telerik version 2016.2.607.45, the RadGrid Excel Like Filtering Context Menu Style is Broken. The width and alignment is not 100%. When I drop the older Telerik.Web.UI dll and corresponding Skins dll in my project, the issue is gone. I have attached two images, one from the latest release, and one from the older version. You can see how the latest versions style breaks and does not show the menu correctly. 
Under Review
Last Updated: 01 Jun 2018 09:06 by ADMIN
ADMIN
Created by: Peter Milchev
Comments: 0
Category: UI for ASP.NET AJAX
Type: Bug Report
1
https://www.telerik.com/support/kb/aspnet-ajax/details/cannot-scroll-telerik-control-in-ios-11.3---the-page-scrolls-instead
Under Review
Last Updated: 01 May 2018 15:22 by ADMIN
Created by: Patrik Johansson
Comments: 1
Category: UI for ASP.NET AJAX
Type: Bug Report
1
Hi,

Make configuration wizards work even on high resolution screens with scaling. See attached screen shot. 

Regards,
Patrik Johansson
Under Review
Last Updated: 01 May 2018 13:30 by ADMIN
As I'm using RadDatePicker in my Grid,

In RadGrid for the first time, the image beside the calendar control renders as expected.

As soon as I enter into "InLine" edit mode there would be 2 images rendered beside the control.

And after clicking on cancel there is no change in the image beside the control.

Also attached the screenshot for the same.
Under Review
Last Updated: 07 Mar 2018 19:52 by ADMIN
Scrolling by touching the white space between the tiles is possible.

If you disable selection scrolling can work as expected.

Note that for tablets the scrolling container must be an element outside of the tilelist.
A workaround that fixes the majority of the issues is available in the attached sample.
Under Review
Last Updated: 22 Mar 2017 18:35 by Yasha
When multiple RadButtons (ButtonType="ToggleButton" ToggleType="Radio") are grouped through GroupName property, the server-side property checked doesn't take effect when the button which is to be checked is declared before the current checked button.

The workaround is to execute JavaScript from the server which sets the checked property. For example:

C#:

        string script = "function f(){$find(\"" + RadButton1.ClientID + "\").set_checked(true); Sys.Application.remove_load(f);}Sys.Application.add_load(f);";
        ScriptManager.RegisterStartupScript(this, this.GetType(), "key", script, true);

Under Review
Last Updated: 28 Jul 2016 13:23 by Priyanka
Wave Structure/Order is giving an error for RadSpell Control at "Not in Dictionary" label and Suggestions label. Hence our 508 testing is not passed. 

Please find the attachment for more details.

URL is: http://demos.telerik.com/aspnet-ajax/spell/examples/overview/defaultcs.aspx

Missing <h1> of Spell Check at the top of the dialog.

Not in Dictionary and Suggestions should not be headings they should be form labels.


Thanks
Under Review
Last Updated: 27 Jun 2016 15:19 by ADMIN
Upgrading to UI for ASP.NET AJAX Q2 2015 (2015.2.729.45) sets requestLimits maxAllowedContentLength in web.config to 

<requestLimits maxAllowedContentLength="0" /> <!--8MB Max upload-->

resulting in errors like "PRM_ServerError" on postbacks.
Under Review
Last Updated: 14 Jun 2016 15:05 by ADMIN
Created by: Stephan
Comments: 3
Category: Grid
Type: Bug Report
0
With the use of the "UseStaticHeaders"-Parameter all ARIA-Tags are gone in the rendered RadGrid.
We need the support of WAI-ARIA in our application for our customer.
Dont using this Parameter is no option for us.
You are not telling this missing function in your documentation.
Under Review
Last Updated: 07 Jun 2016 06:09 by ADMIN
Created by: akihiro
Comments: 1
Category: Editor
Type: Bug Report
0
It becomes the operation of Chrome only.

after the new line, if you type continuously double-byte character string "あい",the input result was "い".
The correct answer is "あい".

For operation that does not occur in earlier versions, I think I've considered this release version of the bug, the cause can be identified?
Under Review
Last Updated: 09 Mar 2016 16:49 by ADMIN
1 2