Suspicious-looking URL handling in XlinkController

Created by: davemevans

XlinkController.resolve has a number of statements which I think are either incorrect or completely broken.

Testing URL against "http://" will break if assets are served from secure origins
element.originalContent.BaseURL will almost certainly be broken with the new BaseURL resolution code

        for (i = 0; i < resolveObject.elements.length; i++) {
            element = resolveObject.elements[i];
            if (element.url.indexOf('http://') !== -1) {
                url = element.url;
            } else {
                url = element.originalContent.BaseURL + element.url;
            }
            xlinkLoader.load(url, element, resolveObject);
        }

Does anyone have any manifests which will exercise these issues? We don't have any XLink streams at all.

@dsilhavy, @AkamaiDASH etc

Admin message

Suspicious-looking URL handling in XlinkController