Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Merge branch 'issue-2234' into 1.0-stable

  • Loading branch information...
commit 93a1b47bde2a4997a5be4288ac536c02cf56c214 2 parents 2c5de9b + 33add3b
@johnbender johnbender authored
View
20 js/jquery.mobile.navigation.js
@@ -245,6 +245,19 @@
return ( u.hash && ( u.hrefNoHash === documentUrl.hrefNoHash || ( documentBaseDiffers && u.hrefNoHash === documentBase.hrefNoHash ) ) );
}
return (/^#/).test( u.href );
+ },
+
+
+ // Some embedded browsers, like the web view in Phone Gap, allow cross-domain XHR
+ // requests if the document doing the request was loaded via the file:// protocol.
+ // This is usually to allow the application to "phone home" and fetch app specific
+ // data. We normally let the browser handle external/cross-domain urls, but if the
+ // allowCrossDomainPages option is true, we will allow cross-domain http/https
+ // requests to go through our page loading logic.
+ isPermittedCrossDomainRequest: function( docUrl, reqUrl ) {
+ return $.mobile.allowCrossDomainPages
+ && docUrl.protocol === "file:"
+ && reqUrl.search( /^https?:/ ) != -1;
}
},
@@ -1220,7 +1233,6 @@
return path.makeUrlAbsolute( url, base);
}
-
//The following event bindings should be bound after mobileinit has been triggered
//the following function is called in the init file
$.mobile._registerInternalEvents = function(){
@@ -1256,8 +1268,7 @@
url = path.makeUrlAbsolute( url, getClosestBaseUrl($this) );
- //external submits use regular HTTP
- if( path.isExternal( url ) || target ) {
+ if(( path.isExternal( url ) && !path.isPermittedCrossDomainRequest(documentUrl, url)) || target ) {
return;
}
@@ -1365,12 +1376,11 @@
// data. We normally let the browser handle external/cross-domain urls, but if the
// allowCrossDomainPages option is true, we will allow cross-domain http/https
// requests to go through our page loading logic.
- isCrossDomainPageLoad = ( $.mobile.allowCrossDomainPages && documentUrl.protocol === "file:" && href.search( /^https?:/ ) != -1 ),
//check for protocol or rel and its not an embedded page
//TODO overlap in logic from isExternal, rel=external check should be
// moved into more comprehensive isExternalLink
- isExternal = useDefaultUrlHandling || ( path.isExternal( href ) && !isCrossDomainPageLoad );
+ isExternal = useDefaultUrlHandling || ( path.isExternal( href ) && !path.isPermittedCrossDomainRequest(documentUrl, href) );
if( isExternal ) {
httpCleanup();
View
15 tests/unit/navigation/navigation_helpers.js
@@ -215,4 +215,19 @@
same( $.mobile.path.cleanHash( "#anything/atall?akjfdjjf" ), "anything/atall", "removes query param");
same( $.mobile.path.cleanHash( "#nothing/atall" ), "nothing/atall", "removes query param");
});
+
+ test( "path.isPermittedCrossDomainRequest", function() {
+ var fileDocUrl = $.mobile.path.parseUrl( "file://foo" );
+
+ $.mobile.allowCrossDomainPages = false;
+ same( $.mobile.path.isPermittedCrossDomainRequest( "foo", "bar"), false, "always false from the setting");
+
+
+ $.mobile.allowCrossDomainPages = true;
+ // test the two states of the file protocol logic
+ same( $.mobile.path.isPermittedCrossDomainRequest( fileDocUrl, "http://bar.com/foo"), true, "external url from file protocol succeeds");
+
+ same( $.mobile.path.isPermittedCrossDomainRequest( fileDocUrl, "file://foo"), false, "two file protocol urls fail");
+
+ });
})(jQuery);
Please sign in to comment.
Something went wrong with that request. Please try again.