Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

feat($sniffer): auto detect csp

  • Loading branch information...
commit 1da4cccddb449705dbf99a8916980c7da5598dc3 1 parent 54e4a6f
Vojta Jina authored
Showing with 32 additions and 13 deletions.
  1. +7 −6 src/ng/sniffer.js
  2. +1 −1  test/ng/logSpec.js
  3. +24 −6 test/ng/snifferSpec.js
13 src/ng/sniffer.js
View
@@ -5,6 +5,7 @@
*
* @name ng.$sniffer
* @requires $window
+ * @requires $document
*
* @property {boolean} history Does the browser support html5 history api ?
* @property {boolean} hashchange Does the browser support hashchange event ?
@@ -13,9 +14,10 @@
* This is very simple implementation of testing browser's features.
*/
function $SnifferProvider() {
- this.$get = ['$window', function($window) {
+ this.$get = ['$window', '$document', function($window, $document) {
var eventSupport = {},
- android = int((/android (\d+)/.exec(lowercase($window.navigator.userAgent)) || [])[1]);
+ android = int((/android (\d+)/.exec(lowercase($window.navigator.userAgent)) || [])[1]),
+ document = $document[0];
return {
// Android has history.pushState, but it does not update location correctly
@@ -25,7 +27,7 @@ function $SnifferProvider() {
history: !!($window.history && $window.history.pushState && !(android < 4)),
hashchange: 'onhashchange' in $window &&
// IE8 compatible mode lies
- (!$window.document.documentMode || $window.document.documentMode > 7),
+ (!document.documentMode || document.documentMode > 7),
hasEvent: function(event) {
// IE9 implements 'input' event it's so fubared that we rather pretend that it doesn't have
// it. In particular the event is not fired when backspace or delete key are pressed or
@@ -33,14 +35,13 @@ function $SnifferProvider() {
if (event == 'input' && msie == 9) return false;
if (isUndefined(eventSupport[event])) {
- var divElm = $window.document.createElement('div');
+ var divElm = document.createElement('div');
eventSupport[event] = 'on' + event in divElm;
}
return eventSupport[event];
},
- // TODO(i): currently there is no way to feature detect CSP without triggering alerts
- csp: false
+ csp: document.SecurityPolicy ? document.SecurityPolicy.isActive() : false
};
}];
}
2  test/ng/logSpec.js
View
@@ -6,7 +6,7 @@ describe('$log', function() {
beforeEach(module(function($provide){
- $window = {navigator: {}};
+ $window = {navigator: {}, document: {}};
logger = '';
log = function() { logger+= 'log;'; };
warn = function() { logger+= 'warn;'; };
30 test/ng/snifferSpec.js
View
@@ -2,9 +2,10 @@
describe('$sniffer', function() {
- function sniffer($window) {
+ function sniffer($window, $document) {
$window.navigator = {};
- return new $SnifferProvider().$get[1]($window);
+ $document = jqLite($document || {});
+ return new $SnifferProvider().$get[2]($window, $document);
}
describe('history', function() {
@@ -20,15 +21,15 @@ describe('$sniffer', function() {
describe('hashchange', function() {
it('should be true if onhashchange property defined', function() {
- expect(sniffer({onhashchange: true, document: {}}).hashchange).toBe(true);
+ expect(sniffer({onhashchange: true}, {}).hashchange).toBe(true);
});
it('should be false if onhashchange property not defined', function() {
- expect(sniffer({document: {}}).hashchange).toBe(false);
+ expect(sniffer({}, {}).hashchange).toBe(false);
});
it('should be false if documentMode is 7 (IE8 comp mode)', function() {
- expect(sniffer({onhashchange: true, document: {documentMode: 7}}).hashchange).toBe(false);
+ expect(sniffer({onhashchange: true}, {documentMode: 7}).hashchange).toBe(false);
});
});
@@ -42,7 +43,7 @@ describe('$sniffer', function() {
if (elm === 'div') return mockDivElement;
});
- $sniffer = sniffer({document: mockDocument});
+ $sniffer = sniffer({}, mockDocument);
});
@@ -78,4 +79,21 @@ describe('$sniffer', function() {
expect($sniffer.hasEvent('input')).toBe((msie == 9) ? false : true);
});
});
+
+
+ describe('csp', function() {
+ it('should be false if document.SecurityPolicy.isActive not available', function() {
+ expect(sniffer({}, {}).csp).toBe(false);
+ });
+
+
+ it('should use document.SecurityPolicy.isActive() if available', function() {
+ var createDocumentWithCSP = function(csp) {
+ return {SecurityPolicy: {isActive: function() {return csp;}}};
+ };
+
+ expect(sniffer({}, createDocumentWithCSP(false)).csp).toBe(false);
+ expect(sniffer({}, createDocumentWithCSP(true)).csp).toBe(true);
+ });
+ });
});

1 comment on commit 1da4ccc

Igor Minar

LGTM

Please sign in to comment.
Something went wrong with that request. Please try again.