Author: johnh
Date: Thu May 5 00:58:14 2011
New Revision: 1099644
URL: http://svn.apache.org/viewvc?rev=1099644&view=rev
Log:
Get rid of separate concept of forcesecure. There's no good reason to allow
insecure gadgets.rpc communication, and this simplifies code a bit as well.
Modified:
shindig/trunk/features/src/main/javascript/features/rpc/flash.transport.js
shindig/trunk/features/src/main/javascript/features/rpc/noop.transport.js
shindig/trunk/features/src/main/javascript/features/rpc/rpc.js
shindig/trunk/features/src/main/javascript/features/rpc/wpm.transport.js
Modified:
shindig/trunk/features/src/main/javascript/features/rpc/flash.transport.js
URL:
http://svn.apache.org/viewvc/shindig/trunk/features/src/main/javascript/features/rpc/flash.transport.js?rev=1099644&r1=1099643&r2=1099644&view=diff
==============================================================================
--- shindig/trunk/features/src/main/javascript/features/rpc/flash.transport.js
(original)
+++ shindig/trunk/features/src/main/javascript/features/rpc/flash.transport.js
Thu May 5 00:58:14 2011
@@ -37,7 +37,6 @@ if (!gadgets.rpctx.flash) { // make lib
var usingFlash = false;
var processFn = null;
var readyFn = null;
- var secureReceivers = {};
var relayHandle = null;
var LOADER_TIMEOUT_MS = 100;
@@ -225,7 +224,7 @@ if (!gadgets.rpctx.flash) { // make lib
return true;
},
- setup: function(receiverId, token, forceSecure) {
+ setup: function(receiverId, token) {
// Perform all setup, including embedding of relay SWF (a one-time
// per Window operation), in this method. We cannot assume
document.body
// exists however, since child-to-parent setup is often done in head.
@@ -233,7 +232,6 @@ if (!gadgets.rpctx.flash) { // make lib
// If body already exists then this enqueueing will immediately flush;
// otherwise polling will occur until the SWF has completed loading, at
// which point all connections will complete their handshake.
- secureReceivers[receiverId] = !!forceSecure;
pendingHandshakes.push({ token: token, targetId: receiverId });
if (relayHandle === null && setupHandle === null) {
setupHandle = window.setTimeout(relayLoader, LOADER_TIMEOUT_MS);
Modified:
shindig/trunk/features/src/main/javascript/features/rpc/noop.transport.js
URL:
http://svn.apache.org/viewvc/shindig/trunk/features/src/main/javascript/features/rpc/noop.transport.js?rev=1099644&r1=1099643&r2=1099644&view=diff
==============================================================================
--- shindig/trunk/features/src/main/javascript/features/rpc/noop.transport.js
(original)
+++ shindig/trunk/features/src/main/javascript/features/rpc/noop.transport.js
Thu May 5 00:58:14 2011
@@ -36,7 +36,7 @@ if (!gadgets.rpctx.noop) { // make lib
return true;
},
- setup: function(receiverId, token, forceSecure) {
+ setup: function(receiverId, token) {
return true;
},
Modified: shindig/trunk/features/src/main/javascript/features/rpc/rpc.js
URL:
http://svn.apache.org/viewvc/shindig/trunk/features/src/main/javascript/features/rpc/rpc.js?rev=1099644&r1=1099643&r2=1099644&view=diff
==============================================================================
--- shindig/trunk/features/src/main/javascript/features/rpc/rpc.js (original)
+++ shindig/trunk/features/src/main/javascript/features/rpc/rpc.js Thu May 5
00:58:14 2011
@@ -233,7 +233,14 @@ if (!window['gadgets']['rpc']) { // make
function onunload() {
mainPageUnloading = true;
}
- gadgets.util.attachBrowserEvent(window, 'unload', onunload, false);
+
+ // TODO: use common helper
+ if (typeof window.addEventListener != 'undefined') {
+ window.addEventListener('unload', onunload, false);
+ } else if (typeof window.attachEvent != 'undefined') {
+ window.attachEvent('onunload', onunload);
+ }
+
hookedUnload = true;
}
@@ -492,7 +499,7 @@ if (!window['gadgets']['rpc']) { // make
* RPC mechanism. Gadgets, in turn, will complete the setup
* of the channel once they send their first messages.
*/
- function setupFrame(frameId, token, forcesecure) {
+ function setupFrame(frameId, token) {
if (setup[frameId] === true) {
return;
}
@@ -503,7 +510,7 @@ if (!window['gadgets']['rpc']) { // make
var tgtFrame = getTargetWin(frameId);
if (frameId === '..' || tgtFrame != null) {
- if (transport.setup(frameId, token, forcesecure) === true) {
+ if (transport.setup(frameId, token) === true) {
setup[frameId] = true;
return;
}
@@ -511,7 +518,7 @@ if (!window['gadgets']['rpc']) { // make
if (setup[frameId] !== true && setup[frameId]++ < SETUP_FRAME_MAX_TRIES)
{
// Try again in a bit, assuming that frame will soon exist.
- window.setTimeout(function() { setupFrame(frameId, token,
forcesecure); },
+ window.setTimeout(function() { setupFrame(frameId, token); },
SETUP_FRAME_TIMEOUT);
} else {
// Fail: fall back for this gadget.
@@ -625,7 +632,7 @@ if (!window['gadgets']['rpc']) { // make
* @member gadgets.rpc
* @deprecated
*/
- function setAuthToken(targetId, token, forcesecure) {
+ function setAuthToken(targetId, token) {
token = token || '';
// Coerce token to a String, ensuring that all authToken values
@@ -633,10 +640,10 @@ if (!window['gadgets']['rpc']) { // make
// in the process(rpc) method.
authToken[targetId] = String(token);
- setupFrame(targetId, token, forcesecure);
+ setupFrame(targetId, token);
}
- function setupContainerGadgetContext(rpctoken, opt_forcesecure) {
+ function setupContainerGadgetContext(rpctoken) {
function init(config) {
var cfg = config ? config['rpc'] : {};
var configLegacy = cfg['useLegacyProtocol'];
@@ -652,26 +659,25 @@ if (!window['gadgets']['rpc']) { // make
transport = gadgets.rpctx.ifpc;
transport.init(process, transportReady);
}
- setAuthToken('..', rpctoken, opt_forcesecure || params['forcesecure']);
+ setAuthToken('..', rpctoken);
passReferrer = String(cfg['passReferrer']) === 'true';
}
gadgets.config.register('rpc', null, init);
}
- function setupContainerGenericIframe(rpctoken, opt_parent,
opt_forcesecure) {
+ function setupContainerGenericIframe(rpctoken, opt_parent) {
// Generic child IFRAME setting up connection w/ its container.
// Use the opt_parent param if provided, or the "parent" query param
// if found -- otherwise, do nothing since this call might be initiated
// automatically at first, then actively later in IFRAME code.
- var forcesecure = opt_forcesecure || params['forcesecure'] || false;
var parent = opt_parent || params['parent'];
if (parent) {
setRelayUrl('..', parent);
- setAuthToken('..', rpctoken, forcesecure);
+ setAuthToken('..', rpctoken);
}
}
- function setupChildIframe(gadgetId, opt_frameurl, opt_authtoken,
opt_forcesecure) {
+ function setupChildIframe(gadgetId, opt_frameurl, opt_authtoken) {
if (gadgetId.charAt(0) != '/') {
// only set up child (and not sibling) iframe
if (!gadgets.util) {
@@ -692,8 +698,7 @@ if (!window['gadgets']['rpc']) { // make
// The auth token is parsed from child params (rpctoken) or overridden.
var childParams = gadgets.util.getUrlParameters(relayUrl);
var rpctoken = opt_authtoken || childParams['rpctoken'];
- var forcesecure = opt_forcesecure || childParams['forcesecure'];
- setAuthToken(gadgetId, rpctoken, forcesecure);
+ setAuthToken(gadgetId, rpctoken);
}
/**
@@ -738,20 +743,19 @@ if (!window['gadgets']['rpc']) { // make
* @param {string} targetId
* @param {string=} opt_receiverurl
* @param {string=} opt_authtoken
- * @param {boolean=} opt_forcesecure
*/
- function setupReceiver(targetId, opt_receiverurl, opt_authtoken,
opt_forcesecure) {
+ function setupReceiver(targetId, opt_receiverurl, opt_authtoken) {
if (targetId === '..') {
// Gadget/IFRAME to container.
var rpctoken = opt_authtoken || params['rpctoken'] ||
params['ifpctok'] || '';
if (window['__isgadget'] === true) {
- setupContainerGadgetContext(rpctoken, opt_forcesecure);
+ setupContainerGadgetContext(rpctoken);
} else {
- setupContainerGenericIframe(rpctoken, opt_receiverurl,
opt_forcesecure);
+ setupContainerGenericIframe(rpctoken, opt_receiverurl);
}
} else {
// Container to child.
- setupChildIframe(targetId, opt_receiverurl, opt_authtoken,
opt_forcesecure);
+ setupChildIframe(targetId, opt_receiverurl, opt_authtoken);
}
}
Modified:
shindig/trunk/features/src/main/javascript/features/rpc/wpm.transport.js
URL:
http://svn.apache.org/viewvc/shindig/trunk/features/src/main/javascript/features/rpc/wpm.transport.js?rev=1099644&r1=1099643&r2=1099644&view=diff
==============================================================================
--- shindig/trunk/features/src/main/javascript/features/rpc/wpm.transport.js
(original)
+++ shindig/trunk/features/src/main/javascript/features/rpc/wpm.transport.js
Thu May 5 00:58:14 2011
@@ -45,7 +45,6 @@ if (!gadgets.rpctx.wpm) { // make lib r
gadgets.rpctx.wpm = function() {
var process, ready;
- var isForceSecure = false;
function attachBrowserEvent(eventName, callback, useCapture) {
if (typeof window.addEventListener != 'undefined') {
@@ -65,25 +64,23 @@ if (!gadgets.rpctx.wpm) { // make lib r
function onmessage(packet) {
var rpc = gadgets.json.parse(packet.data);
- if (isForceSecure) {
- if (!rpc || !rpc['f']) {
- return;
- }
+ if (!rpc || !rpc['f']) {
+ return;
+ }
- // for security, check origin against expected value
- var origRelay = gadgets.rpc.getRelayUrl(rpc['f']) ||
- gadgets.util.getUrlParameters()['parent'];
- var origin = gadgets.rpc.getOrigin(origRelay);
-
- // Opera's "message" event does not have an "origin" property (at
least,
- // it doesn't in version 9.64; presumably, it will in version 10). If
- // event.origin does not exist, use event.domain. The other
difference is that
- // while event.origin looks like <scheme>://<hostname>:<port>,
event.domain
- // consists only of <hostname>.
- if (typeof packet.origin !== "undefined" ? packet.origin !== origin :
- packet.domain !== /^.+:\/\/([^:]+).*/.exec(origin)[1]) {
- return;
- }
+ // for security, check origin against expected value
+ var origRelay = gadgets.rpc.getRelayUrl(rpc['f']) ||
+ gadgets.util.getUrlParameters()['parent'];
+ var origin = gadgets.rpc.getOrigin(origRelay);
+
+ // Opera's "message" event does not have an "origin" property (at least,
+ // it doesn't in version 9.64; presumably, it will in version 10). If
+ // event.origin does not exist, use event.domain. The other difference
is that
+ // while event.origin looks like <scheme>://<hostname>:<port>,
event.domain
+ // consists only of <hostname>.
+ if (typeof packet.origin !== "undefined" ? packet.origin !== origin :
+ packet.domain !== /^.+:\/\/([^:]+).*/.exec(origin)[1]) {
+ return;
}
process(rpc, packet.origin);
}
@@ -108,16 +105,11 @@ if (!gadgets.rpctx.wpm) { // make lib r
return true;
},
- setup: function(receiverId, token, forceSecure) {
- isForceSecure = forceSecure;
+ setup: function(receiverId, token) {
// If we're a gadget, send an ACK message to indicate to container
// that we're ready to receive messages.
if (receiverId === '..') {
- if (isForceSecure) {
- gadgets.rpc._createRelayIframe(token);
- } else {
- gadgets.rpc.call(receiverId, gadgets.rpc.ACK);
- }
+ gadgets.rpc._createRelayIframe(token);
}
return true;
},
