Skip to content

JS client function isCrossDomain returns true for same website /host url #1156

Closed
Xiaohongt opened this Issue Dec 18, 2012 · 3 comments

3 participants

@Xiaohongt
SignalR member

JS client function isCrossDomain returns true for same website /host url.

This is not regression.

Repro:
request below website SignalRTest_Dev:

http://xiaota003-vm02/SignalRTest_Dev/Hubs/MyHub/myHub_proxy_url_83_dev40.html

in myHub_proxy_url_83_dev40.html, connection hub url set to same website:
$.connection.hub.url = 'http://xiaota003-vm02/signalrtest_dev/signalr

you also can try
http://signalrtest.azurewebsites.net/hubs/MyHub/myHub_proxy_url_83_dev.html
in page connection hub url set to :
$.connection.hub.url = 'http://signalrtest.azurewebsites.net/signalr';

In log or debugger, you can see that isCrossDomain function return true.

In isCrossDomain function, link.host always include port e.g. port 80 for the samples, but window.location.host doesn't include port in the samples:

    isCrossDomain: function (url) {
        var link;

        url = $.trim(url);
        if (url.indexOf("http") !== 0) {
            return false;
        }

        // Create an anchor tag.
        link = window.document.createElement("a");
        link.href = url;

        return link.protocol + link.host !== window.location.protocol + window.location.host;
    },
@NTaylorMullen NTaylorMullen added a commit that referenced this issue Dec 21, 2012
@NTaylorMullen NTaylorMullen Added a private removeDefaultPort function to parse port 80 from susp…
…ecting URL's

- Without parsing ports we can sometimes determine that we're
CrossDomain when we really aren't.  This happens in the case that the
user sets $.connection.hub.url to "http://foo.com:80/signalr".  In
window.location.host it doesn't pick up port 80 but if we create a
hyperlink to this url its host object will have port 80 listed.
#1156
a025658
@NTaylorMullen NTaylorMullen added a commit that referenced this issue Dec 21, 2012
@NTaylorMullen NTaylorMullen Added comments and additional logic to the isCrossDomain function
- Added a parameter that you can compare the url against.  This is
mostly useful for unit tests.

#1156
f22449b
@Xiaohongt
SignalR member

we also need handle the default port 443 for https

@NTaylorMullen NTaylorMullen added a commit that referenced this issue Jan 3, 2013
@NTaylorMullen NTaylorMullen Added the HTTPs port to the removeDefaultPort function
- This will ensure that port 443 will be stripped from URL's in links.

#1156
f16cdc1
@NTaylorMullen NTaylorMullen added a commit that referenced this issue Jan 3, 2013
@NTaylorMullen NTaylorMullen Modified the removeDefaultPort functionality to instead add default p…
…orts if they do not exist

- These added ports are not reflected in the URL itself, they are purely
used for comparison purposes.
- With this approach this does not special case port 80 and port 443
#1156
f474d71
@NTaylorMullen NTaylorMullen added a commit that referenced this issue Jan 3, 2013
@NTaylorMullen NTaylorMullen Updated some of the ConnectionUtilityFacts to reflect some super edge…
… cases

- Also went back and did some clean up on a few older tests

These commits were reviewed by @halter73
#1156
39cc6d9
@NTaylorMullen

@Xiaohongt This should be good for verification now

@Xiaohongt
SignalR member

verified

@Xiaohongt Xiaohongt closed this Jan 3, 2013
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.