Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Loading…

JS client function isCrossDomain returns true for same website /host url #1156

Closed
Xiaohongt opened this Issue · 3 comments

3 participants

@Xiaohongt
Collaborator

JS client function isCrossDomain returns true for same website /host url.

This is not regression.

Repro:
request below website SignalRTest_Dev:

http://xiaota003-vm02/SignalRTest_Dev/Hubs/MyHub/myHub_proxy_url_83_dev40.html

in myHub_proxy_url_83_dev40.html, connection hub url set to same website:
$.connection.hub.url = 'http://xiaota003-vm02/signalrtest_dev/signalr

you also can try
http://signalrtest.azurewebsites.net/hubs/MyHub/myHub_proxy_url_83_dev.html
in page connection hub url set to :
$.connection.hub.url = 'http://signalrtest.azurewebsites.net/signalr';

In log or debugger, you can see that isCrossDomain function return true.

In isCrossDomain function, link.host always include port e.g. port 80 for the samples, but window.location.host doesn't include port in the samples:

    isCrossDomain: function (url) {
        var link;

        url = $.trim(url);
        if (url.indexOf("http") !== 0) {
            return false;
        }

        // Create an anchor tag.
        link = window.document.createElement("a");
        link.href = url;

        return link.protocol + link.host !== window.location.protocol + window.location.host;
    },
@rustd rustd was assigned
@NTaylorMullen NTaylorMullen referenced this issue from a commit
@NTaylorMullen NTaylorMullen Added a private removeDefaultPort function to parse port 80 from susp…
…ecting URL's

- Without parsing ports we can sometimes determine that we're
CrossDomain when we really aren't.  This happens in the case that the
user sets $.connection.hub.url to "http://foo.com:80/signalr".  In
window.location.host it doesn't pick up port 80 but if we create a
hyperlink to this url its host object will have port 80 listed.
#1156
a025658
@NTaylorMullen NTaylorMullen referenced this issue from a commit
@NTaylorMullen NTaylorMullen Added comments and additional logic to the isCrossDomain function
- Added a parameter that you can compare the url against.  This is
mostly useful for unit tests.

#1156
f22449b
@Xiaohongt
Collaborator

we also need handle the default port 443 for https

@NTaylorMullen NTaylorMullen referenced this issue from a commit
@NTaylorMullen NTaylorMullen Added the HTTPs port to the removeDefaultPort function
- This will ensure that port 443 will be stripped from URL's in links.

#1156
f16cdc1
@NTaylorMullen NTaylorMullen referenced this issue from a commit
@NTaylorMullen NTaylorMullen Modified the removeDefaultPort functionality to instead add default p…
…orts if they do not exist

- These added ports are not reflected in the URL itself, they are purely
used for comparison purposes.
- With this approach this does not special case port 80 and port 443
#1156
f474d71
@NTaylorMullen NTaylorMullen referenced this issue from a commit
@NTaylorMullen NTaylorMullen Updated some of the ConnectionUtilityFacts to reflect some super edge…
… cases

- Also went back and did some clean up on a few older tests

These commits were reviewed by @halter73
#1156
39cc6d9
@NTaylorMullen
Collaborator

@Xiaohongt This should be good for verification now

@Xiaohongt
Collaborator

verified

@Xiaohongt Xiaohongt closed this
@NTaylorMullen NTaylorMullen referenced this issue from a commit
Commit has since been removed from the repository and is no longer available.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.