svn commit: r1065878 - in /shindig/trunk: features/src/main/javascript/features/caja/ java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/

jasvir Mon, 31 Jan 2011 17:15:06 -0800

Author: jasvir
Date: Tue Feb  1 01:14:38 2011
New Revision: 1065878

URL: http://svn.apache.org/viewvc?rev=1065878&view=rev
Log:
Change url policy to:
* proxy dynamically created urls
* proxy urls that load media eg imgs


Modified:
    shindig/trunk/features/src/main/javascript/features/caja/feature.xml
    shindig/trunk/features/src/main/javascript/features/caja/taming.js
    
shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/CajaContentRewriter.java
    
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/CajaContentRewriterTest.java
    
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerTest.java

Modified: shindig/trunk/features/src/main/javascript/features/caja/feature.xml
URL: 
http://svn.apache.org/viewvc/shindig/trunk/features/src/main/javascript/features/caja/feature.xml?rev=1065878&r1=1065877&r2=1065878&view=diff
==============================================================================
--- shindig/trunk/features/src/main/javascript/features/caja/feature.xml 
(original)
+++ shindig/trunk/features/src/main/javascript/features/caja/feature.xml Tue 
Feb  1 01:14:38 2011
@@ -20,6 +20,7 @@ The javascript referenced here should be
 -->
 <feature>
   <name>caja</name>
+  <dependency>core.io</dependency>
   <gadget>
     <script src="res://com/google/caja/plugin/domita-minified.js"/>
     <script src="caja.js"/>

Modified: shindig/trunk/features/src/main/javascript/features/caja/taming.js
URL: 
http://svn.apache.org/viewvc/shindig/trunk/features/src/main/javascript/features/caja/taming.js?rev=1065878&r1=1065877&r2=1065878&view=diff
==============================================================================
--- shindig/trunk/features/src/main/javascript/features/caja/taming.js 
(original)
+++ shindig/trunk/features/src/main/javascript/features/caja/taming.js Tue Feb  
1 01:14:38 2011
@@ -26,16 +26,13 @@ var caja___ = (function() {
   var uriCallback = {
     rewrite: function rewrite(uri, mimeTypes) {
       uri = String(uri);
-      // By default, only allow references to anchors.
+      // Allow references to anchors within the gadget
       if (/^#/.test(uri)) {
         return '#' + encodeURIComponent(decodeURIComponent(uri.substring(1)));
-        // and files on the same host
-      } else if (/^\/(?:[^\/][^?#]*)?$/.test(uri)) {
-        return encodeURI(decodeURI(uri));
+      } else {
+        // Proxy all other dynamically constructed urls
+        return gadgets.io.getProxyUrl(uri);
       }
-      // This callback can be replaced with one that passes the URL through
-      // a proxy that checks the mimetype.
-      return null;
     }
   };
 

Modified: 
shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/CajaContentRewriter.java
URL: 
http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/CajaContentRewriter.java?rev=1065878&r1=1065877&r2=1065878&view=diff
==============================================================================
--- 
shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/CajaContentRewriter.java
 (original)
+++ 
shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/CajaContentRewriter.java
 Tue Feb  1 01:14:38 2011
@@ -58,6 +58,7 @@ import com.google.caja.reporting.SimpleM
 import com.google.caja.reporting.SnippetProducer;
 import com.google.caja.service.ServiceMessageType;
 import com.google.common.annotations.VisibleForTesting;
+import com.google.common.collect.ImmutableList;
 import com.google.common.collect.Maps;
 import com.google.inject.Inject;
 
@@ -77,6 +78,8 @@ import org.apache.shindig.gadgets.parse.
 import org.apache.shindig.gadgets.parse.HtmlSerializer;
 import org.apache.shindig.gadgets.rewrite.GadgetRewriter;
 import org.apache.shindig.gadgets.rewrite.MutableContent;
+import org.apache.shindig.gadgets.uri.ProxyUriManager;
+import org.apache.shindig.gadgets.uri.UriStatus;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
 import org.w3c.dom.Node;
@@ -103,10 +106,11 @@ public class CajaContentRewriter impleme
   private final Cache<String, Element> cajoledCache;
   private final RequestPipeline requestPipeline;
   private final HtmlSerializer htmlSerializer;
+  private final ProxyUriManager proxyUriManager;
 
   @Inject
   public CajaContentRewriter(CacheProvider cacheProvider, RequestPipeline 
requestPipeline,
-      HtmlSerializer htmlSerializer) {
+      HtmlSerializer htmlSerializer, ProxyUriManager proxyUriManager) {
     if (null == cacheProvider) {
       this.cajoledCache = null;
     } else {
@@ -118,6 +122,7 @@ public class CajaContentRewriter impleme
     }
     this.requestPipeline = requestPipeline;
     this.htmlSerializer = htmlSerializer;
+    this.proxyUriManager = proxyUriManager;
   }
   
   public class CajoledResult {
@@ -338,14 +343,25 @@ public class CajaContentRewriter impleme
     };
   }
   
-  private UriPolicy makePolicy(final Uri gadgetUri) {
+  protected UriPolicy makePolicy(final Uri gadgetUri) {
     return new UriPolicy() {
       public String rewriteUri(ExternalReference ref, UriEffect effect,
           LoaderType loader, Map<String, ?> hints) {
-        URI uri = ref.getUri();
-        if (uri.getScheme().equalsIgnoreCase("https") ||
-            uri.getScheme().equalsIgnoreCase("http")) {
-          return gadgetUri.resolve(Uri.fromJavaUri(uri)).toString();
+        try {
+          switch(effect) {
+            case SAME_DOCUMENT:
+                ProxyUriManager.ProxyUri proxyUri =
+                    new ProxyUriManager.ProxyUri(
+                        UriStatus.VALID_UNVERSIONED, 
Uri.fromJavaUri(ref.getUri()), null);
+                return proxyUriManager.make(ImmutableList.of(proxyUri), 
null).get(0).toString();
+            case NEW_DOCUMENT:
+            case NOT_LOADED:
+                return ref.getUri().toString();
+            default:
+                return null;
+          }
+        } catch (RuntimeException e) {
+          // if there are unexpected errors, fail safe - drop the uri
         }
         return null;
       }

Modified: 
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/CajaContentRewriterTest.java
URL: 
http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/CajaContentRewriterTest.java?rev=1065878&r1=1065877&r2=1065878&view=diff
==============================================================================
--- 
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/CajaContentRewriterTest.java
 (original)
+++ 
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/CajaContentRewriterTest.java
 Tue Feb  1 01:14:38 2011
@@ -37,7 +37,11 @@ import org.apache.shindig.gadgets.parse.
 import org.apache.shindig.gadgets.parse.nekohtml.NekoSimplifiedHtmlParser;
 import org.apache.shindig.gadgets.rewrite.MutableContent;
 import org.apache.shindig.gadgets.rewrite.RewriterTestBase;
+import org.apache.shindig.gadgets.uri.ProxyUriManager;
+import org.apache.shindig.gadgets.uri.ProxyUriManager.ProxyUri;
+import org.easymock.Capture;
 import org.easymock.EasyMock;
+import org.junit.Assert;
 import org.junit.Before;
 import org.junit.Test;
 import org.w3c.dom.DOMImplementation;
@@ -51,7 +55,8 @@ import static org.junit.Assert.assertTru
 public class CajaContentRewriterTest extends RewriterTestBase {
   private List<GadgetHtmlParser> parsers;
   private CajaContentRewriter rewriter;
-
+  private ProxyUriManager proxyUriManager;
+  
   @Before
   public void setUp() throws Exception {
     super.setUp();
@@ -67,7 +72,8 @@ public class CajaContentRewriterTest ext
     CacheProvider lru = new LruCacheProvider(3);
     RequestPipeline pipeline = EasyMock.createNiceMock(RequestPipeline.class);
     DefaultHtmlSerializer defaultSerializer = new DefaultHtmlSerializer();
-    rewriter = new CajaContentRewriter(lru, pipeline, defaultSerializer) {
+    proxyUriManager = EasyMock.createNiceMock(ProxyUriManager.class);
+    rewriter = new CajaContentRewriter(lru, pipeline, defaultSerializer, 
proxyUriManager) {
       @Override
       protected PluginCompiler makePluginCompiler(PluginMeta m, MessageQueue 
q) {
         BuildInfo bi = EasyMock.createNiceMock(BuildInfo.class);
@@ -134,10 +140,41 @@ public class CajaContentRewriterTest ext
     testMarkup(markup, expected, messages);
   }
 
+  @Test
+  public void testUrlRewrite() throws Exception {
+    String uri = "http://www.example.com/";;
+    String unproxied = uri;
+    String proxied = "http://shindig.com/gadgets/proxy?url="; + uri;
+    
+    expect(proxyUriManager.make(EasyMock.anyObject(List.class), 
EasyMock.isNull(Integer.class)))
+        .andReturn(ImmutableList.<Uri>of(Uri.parse(proxied))).anyTimes();
+    replay(proxyUriManager);
+
+    // Uris that transistion the page
+    assertUrlRewritten("a", "href", uri, unproxied);
+    assertUrlRewritten("area", "href", uri, unproxied);
+    
+    // Uris that load media
+    assertUrlRewritten("img", "src", uri, proxied);
+    
+    // Uris that have no effect on the document
+    assertUrlRewritten("blockquote", "cite", uri, unproxied);
+    assertUrlRewritten("q", "cite", uri, unproxied);
+    assertUrlRewritten("del", "cite", uri, unproxied);
+    assertUrlRewritten("ins", "cite", uri, unproxied);
+  }
+  
   private void testMarkup(String markup, String expected) throws 
GadgetException{
     testMarkup(markup, expected, null);
   }
 
+  private void assertUrlRewritten(String tagName, String attr, String orig, 
String rewritten)
+      throws Exception {
+    String markUp = "<" + tagName + " " + attr + "=\"" + orig + "\">";
+    String expected = attr + "=\"" + rewritten + "\"";
+    testMarkup(markUp, expected);
+  }
+  
   private void testMarkup(String markup, String expected, List<String> msgs) 
throws GadgetException{
     Gadget gadget = makeGadget();
     for (GadgetHtmlParser parser : parsers) {

Modified: 
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerTest.java
URL: 
http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerTest.java?rev=1065878&r1=1065877&r2=1065878&view=diff
==============================================================================
--- 
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerTest.java
 (original)
+++ 
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerTest.java
 Tue Feb  1 01:14:38 2011
@@ -186,7 +186,7 @@ public class GadgetsHandlerTest extends 
   }
 
   private CajoledResult cajole(Uri uri, String mime, String content) throws 
ParseException {
-    CajaContentRewriter rw = new CajaContentRewriter(null, null, null);
+    CajaContentRewriter rw = new CajaContentRewriter(null, null, null, 
proxyUriManager);
     InputSource is = new InputSource(uri.toJavaUri());
     MessageQueue mq = new SimpleMessageQueue();
     CharProducer cp = CharProducer.Factory.create(new StringReader(content), 
is);

svn commit: r1065878 - in /shindig/trunk: features/src/main/javascript/features/caja/ java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/

Reply via email to