mirror of
https://github.com/Hopiu/angular.js.git
synced 2026-03-20 00:10:26 +00:00
feat($sniffer): auto detect CSP mode
Chrome Canary now has CSP with apis that allow auto-detection. This change will turn on CSP mode automatically when we detect its presence. https://dvcs.w3.org/hg/content-security-policy/raw-file/tip/csp-specification.dev.html#script-interfaces--experimental
This commit is contained in:
Vojta Jina
Igor Minar
parent
4ccd9eb883
commit
167aa0c29c
3 changed files with 32 additions and 13 deletions
|
|
@ -5,6 +5,7 @@
|
|||
*
|
||||
* @name ng.$sniffer
|
||||
* @requires $window
|
||||
* @requires $document
|
||||
*
|
||||
* @property {boolean} history Does the browser support html5 history api ?
|
||||
* @property {boolean} hashchange Does the browser support hashchange event ?
|
||||
|
|
@ -13,9 +14,10 @@
|
|||
* This is very simple implementation of testing browser's features.
|
||||
*/
|
||||
function $SnifferProvider() {
|
||||
this.$get = ['$window', function($window) {
|
||||
this.$get = ['$window', '$document', function($window, $document) {
|
||||
var eventSupport = {},
|
||||
android = int((/android (\d+)/.exec(lowercase($window.navigator.userAgent)) || [])[1]);
|
||||
android = int((/android (\d+)/.exec(lowercase($window.navigator.userAgent)) || [])[1]),
|
||||
document = $document[0];
|
||||
|
||||
return {
|
||||
// Android has history.pushState, but it does not update location correctly
|
||||
|
|
@ -25,7 +27,7 @@ function $SnifferProvider() {
|
|||
history: !!($window.history && $window.history.pushState && !(android < 4)),
|
||||
hashchange: 'onhashchange' in $window &&
|
||||
// IE8 compatible mode lies
|
||||
(!$window.document.documentMode || $window.document.documentMode > 7),
|
||||
(!document.documentMode || document.documentMode > 7),
|
||||
hasEvent: function(event) {
|
||||
// IE9 implements 'input' event it's so fubared that we rather pretend that it doesn't have
|
||||
// it. In particular the event is not fired when backspace or delete key are pressed or
|
||||
|
|
@ -33,14 +35,13 @@ function $SnifferProvider() {
|
|||
if (event == 'input' && msie == 9) return false;
|
||||
|
||||
if (isUndefined(eventSupport[event])) {
|
||||
var divElm = $window.document.createElement('div');
|
||||
var divElm = document.createElement('div');
|
||||
eventSupport[event] = 'on' + event in divElm;
|
||||
}
|
||||
|
||||
return eventSupport[event];
|
||||
},
|
||||
// TODO(i): currently there is no way to feature detect CSP without triggering alerts
|
||||
csp: false
|
||||
csp: document.SecurityPolicy ? document.SecurityPolicy.isActive() : false
|
||||
};
|
||||
}];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ describe('$log', function() {
|
|||
|
||||
|
||||
beforeEach(module(function($provide){
|
||||
$window = {navigator: {}};
|
||||
$window = {navigator: {}, document: {}};
|
||||
logger = '';
|
||||
log = function() { logger+= 'log;'; };
|
||||
warn = function() { logger+= 'warn;'; };
|
||||
|
|
|
|||
|
|
@ -2,9 +2,10 @@
|
|||
|
||||
describe('$sniffer', function() {
|
||||
|
||||
function sniffer($window) {
|
||||
function sniffer($window, $document) {
|
||||
$window.navigator = {};
|
||||
return new $SnifferProvider().$get[1]($window);
|
||||
$document = jqLite($document || {});
|
||||
return new $SnifferProvider().$get[2]($window, $document);
|
||||
}
|
||||
|
||||
describe('history', function() {
|
||||
|
|
@ -20,15 +21,15 @@ describe('$sniffer', function() {
|
|||
|
||||
describe('hashchange', function() {
|
||||
it('should be true if onhashchange property defined', function() {
|
||||
expect(sniffer({onhashchange: true, document: {}}).hashchange).toBe(true);
|
||||
expect(sniffer({onhashchange: true}, {}).hashchange).toBe(true);
|
||||
});
|
||||
|
||||
it('should be false if onhashchange property not defined', function() {
|
||||
expect(sniffer({document: {}}).hashchange).toBe(false);
|
||||
expect(sniffer({}, {}).hashchange).toBe(false);
|
||||
});
|
||||
|
||||
it('should be false if documentMode is 7 (IE8 comp mode)', function() {
|
||||
expect(sniffer({onhashchange: true, document: {documentMode: 7}}).hashchange).toBe(false);
|
||||
expect(sniffer({onhashchange: true}, {documentMode: 7}).hashchange).toBe(false);
|
||||
});
|
||||
});
|
||||
|
||||
|
|
@ -42,7 +43,7 @@ describe('$sniffer', function() {
|
|||
if (elm === 'div') return mockDivElement;
|
||||
});
|
||||
|
||||
$sniffer = sniffer({document: mockDocument});
|
||||
$sniffer = sniffer({}, mockDocument);
|
||||
});
|
||||
|
||||
|
||||
|
|
@ -78,4 +79,21 @@ describe('$sniffer', function() {
|
|||
expect($sniffer.hasEvent('input')).toBe((msie == 9) ? false : true);
|
||||
});
|
||||
});
|
||||
|
||||
|
||||
describe('csp', function() {
|
||||
it('should be false if document.SecurityPolicy.isActive not available', function() {
|
||||
expect(sniffer({}, {}).csp).toBe(false);
|
||||
});
|
||||
|
||||
|
||||
it('should use document.SecurityPolicy.isActive() if available', function() {
|
||||
var createDocumentWithCSP = function(csp) {
|
||||
return {SecurityPolicy: {isActive: function() {return csp;}}};
|
||||
};
|
||||
|
||||
expect(sniffer({}, createDocumentWithCSP(false)).csp).toBe(false);
|
||||
expect(sniffer({}, createDocumentWithCSP(true)).csp).toBe(true);
|
||||
});
|
||||
});
|
||||
});
|
||||
|
|
|
|||
Loading…
Reference in a new issue