Permalink
Browse files

Merge branch 'issue-2234' into 1.0-stable

  • Loading branch information...
johnbender committed Dec 16, 2011
2 parents 2c5de9b + 33add3b commit 93a1b47bde2a4997a5be4288ac536c02cf56c214
Showing with 30 additions and 5 deletions.
  1. +15 −5 js/jquery.mobile.navigation.js
  2. +15 −0 tests/unit/navigation/navigation_helpers.js
@@ -245,6 +245,19 @@
return ( u.hash && ( u.hrefNoHash === documentUrl.hrefNoHash || ( documentBaseDiffers && u.hrefNoHash === documentBase.hrefNoHash ) ) ); return ( u.hash && ( u.hrefNoHash === documentUrl.hrefNoHash || ( documentBaseDiffers && u.hrefNoHash === documentBase.hrefNoHash ) ) );
} }
return (/^#/).test( u.href ); return (/^#/).test( u.href );
},
// Some embedded browsers, like the web view in Phone Gap, allow cross-domain XHR
// requests if the document doing the request was loaded via the file:// protocol.
// This is usually to allow the application to "phone home" and fetch app specific
// data. We normally let the browser handle external/cross-domain urls, but if the
// allowCrossDomainPages option is true, we will allow cross-domain http/https
// requests to go through our page loading logic.
isPermittedCrossDomainRequest: function( docUrl, reqUrl ) {
return $.mobile.allowCrossDomainPages
&& docUrl.protocol === "file:"
&& reqUrl.search( /^https?:/ ) != -1;
} }
}, },
@@ -1220,7 +1233,6 @@
return path.makeUrlAbsolute( url, base); return path.makeUrlAbsolute( url, base);
} }
//The following event bindings should be bound after mobileinit has been triggered //The following event bindings should be bound after mobileinit has been triggered
//the following function is called in the init file //the following function is called in the init file
$.mobile._registerInternalEvents = function(){ $.mobile._registerInternalEvents = function(){
@@ -1256,8 +1268,7 @@
url = path.makeUrlAbsolute( url, getClosestBaseUrl($this) ); url = path.makeUrlAbsolute( url, getClosestBaseUrl($this) );
//external submits use regular HTTP if(( path.isExternal( url ) && !path.isPermittedCrossDomainRequest(documentUrl, url)) || target ) {
if( path.isExternal( url ) || target ) {
return; return;
} }
@@ -1365,12 +1376,11 @@
// data. We normally let the browser handle external/cross-domain urls, but if the // data. We normally let the browser handle external/cross-domain urls, but if the
// allowCrossDomainPages option is true, we will allow cross-domain http/https // allowCrossDomainPages option is true, we will allow cross-domain http/https
// requests to go through our page loading logic. // requests to go through our page loading logic.
isCrossDomainPageLoad = ( $.mobile.allowCrossDomainPages && documentUrl.protocol === "file:" && href.search( /^https?:/ ) != -1 ),
//check for protocol or rel and its not an embedded page //check for protocol or rel and its not an embedded page
//TODO overlap in logic from isExternal, rel=external check should be //TODO overlap in logic from isExternal, rel=external check should be
// moved into more comprehensive isExternalLink // moved into more comprehensive isExternalLink
isExternal = useDefaultUrlHandling || ( path.isExternal( href ) && !isCrossDomainPageLoad ); isExternal = useDefaultUrlHandling || ( path.isExternal( href ) && !path.isPermittedCrossDomainRequest(documentUrl, href) );
if( isExternal ) { if( isExternal ) {
httpCleanup(); httpCleanup();
@@ -215,4 +215,19 @@
same( $.mobile.path.cleanHash( "#anything/atall?akjfdjjf" ), "anything/atall", "removes query param"); same( $.mobile.path.cleanHash( "#anything/atall?akjfdjjf" ), "anything/atall", "removes query param");
same( $.mobile.path.cleanHash( "#nothing/atall" ), "nothing/atall", "removes query param"); same( $.mobile.path.cleanHash( "#nothing/atall" ), "nothing/atall", "removes query param");
}); });
test( "path.isPermittedCrossDomainRequest", function() {
var fileDocUrl = $.mobile.path.parseUrl( "file://foo" );
$.mobile.allowCrossDomainPages = false;
same( $.mobile.path.isPermittedCrossDomainRequest( "foo", "bar"), false, "always false from the setting");
$.mobile.allowCrossDomainPages = true;
// test the two states of the file protocol logic
same( $.mobile.path.isPermittedCrossDomainRequest( fileDocUrl, "http://bar.com/foo"), true, "external url from file protocol succeeds");
same( $.mobile.path.isPermittedCrossDomainRequest( fileDocUrl, "file://foo"), false, "two file protocol urls fail");
});
})(jQuery); })(jQuery);

0 comments on commit 93a1b47

Please sign in to comment.