mirror of
https://github.com/Hopiu/angular.js.git
synced 2026-03-20 00:10:26 +00:00
fix(urlUtils): made removal of windows drive from path safer
Prior to this fix, the urlResolve method would automatically strip the first segment of a path if the segment ends in a colon. This was to correct undesired behavior in the $location service using the file protocol on windows in multiple browsers (see #4680). However, there could be cases where users intentionally have first path segments that end in a colon (although this conflicts with section 3.3 of rfc3986). The solution to this problem is an extra check to make sure the first path segment of the input url does not end with a colon, to make sure we're only removing undesired path segments. Fixes #4939
This commit is contained in:
Jeff Cross
parent
bcc6e8d4f6
commit
89f435de84
3 changed files with 38 additions and 19 deletions
|
|
@ -22,8 +22,8 @@ function encodePath(path) {
|
|||
return segments.join('/');
|
||||
}
|
||||
|
||||
function parseAbsoluteUrl(absoluteUrl, locationObj) {
|
||||
var parsedUrl = urlResolve(absoluteUrl);
|
||||
function parseAbsoluteUrl(absoluteUrl, locationObj, appBase) {
|
||||
var parsedUrl = urlResolve(absoluteUrl, appBase);
|
||||
|
||||
locationObj.$$protocol = parsedUrl.protocol;
|
||||
locationObj.$$host = parsedUrl.hostname;
|
||||
|
|
@ -31,12 +31,12 @@ function parseAbsoluteUrl(absoluteUrl, locationObj) {
|
|||
}
|
||||
|
||||
|
||||
function parseAppUrl(relativeUrl, locationObj) {
|
||||
function parseAppUrl(relativeUrl, locationObj, appBase) {
|
||||
var prefixed = (relativeUrl.charAt(0) !== '/');
|
||||
if (prefixed) {
|
||||
relativeUrl = '/' + relativeUrl;
|
||||
}
|
||||
var match = urlResolve(relativeUrl);
|
||||
var match = urlResolve(relativeUrl, appBase);
|
||||
locationObj.$$path = decodeURIComponent(prefixed && match.pathname.charAt(0) === '/' ?
|
||||
match.pathname.substring(1) : match.pathname);
|
||||
locationObj.$$search = parseKeyValue(match.search);
|
||||
|
|
@ -91,7 +91,7 @@ function LocationHtml5Url(appBase, basePrefix) {
|
|||
this.$$html5 = true;
|
||||
basePrefix = basePrefix || '';
|
||||
var appBaseNoFile = stripFile(appBase);
|
||||
parseAbsoluteUrl(appBase, this);
|
||||
parseAbsoluteUrl(appBase, this, appBase);
|
||||
|
||||
|
||||
/**
|
||||
|
|
@ -106,7 +106,7 @@ function LocationHtml5Url(appBase, basePrefix) {
|
|||
appBaseNoFile);
|
||||
}
|
||||
|
||||
parseAppUrl(pathUrl, this);
|
||||
parseAppUrl(pathUrl, this, appBase);
|
||||
|
||||
if (!this.$$path) {
|
||||
this.$$path = '/';
|
||||
|
|
@ -158,7 +158,7 @@ function LocationHtml5Url(appBase, basePrefix) {
|
|||
function LocationHashbangUrl(appBase, hashPrefix) {
|
||||
var appBaseNoFile = stripFile(appBase);
|
||||
|
||||
parseAbsoluteUrl(appBase, this);
|
||||
parseAbsoluteUrl(appBase, this, appBase);
|
||||
|
||||
|
||||
/**
|
||||
|
|
@ -178,7 +178,7 @@ function LocationHashbangUrl(appBase, hashPrefix) {
|
|||
throw $locationMinErr('ihshprfx', 'Invalid url "{0}", missing hash prefix "{1}".', url,
|
||||
hashPrefix);
|
||||
}
|
||||
parseAppUrl(withoutHashUrl, this);
|
||||
parseAppUrl(withoutHashUrl, this, appBase);
|
||||
this.$$compose();
|
||||
};
|
||||
|
||||
|
|
|
|||
|
|
@ -67,7 +67,7 @@ var originUrl = urlResolve(window.location.href, true);
|
|||
* | pathname | The pathname, beginning with "/"
|
||||
*
|
||||
*/
|
||||
function urlResolve(url) {
|
||||
function urlResolve(url, base) {
|
||||
var href = url,
|
||||
pathname;
|
||||
|
||||
|
|
@ -92,10 +92,9 @@ function urlResolve(url) {
|
|||
* do not include drive names for routing.
|
||||
*/
|
||||
|
||||
pathname = removeWindowsDriveName(urlParsingNode.pathname);
|
||||
pathname = removeWindowsDriveName(urlParsingNode.pathname, url, base);
|
||||
pathname = (pathname.charAt(0) === '/') ? pathname : '/' + pathname;
|
||||
|
||||
|
||||
// urlParsingNode provides the UrlUtils interface - http://url.spec.whatwg.org/#urlutils
|
||||
return {
|
||||
href: urlParsingNode.href,
|
||||
|
|
@ -107,13 +106,6 @@ function urlResolve(url) {
|
|||
port: urlParsingNode.port,
|
||||
pathname: pathname
|
||||
};
|
||||
|
||||
function removeWindowsDriveName (path) {
|
||||
var firstPathSegmentMatch;
|
||||
|
||||
firstPathSegmentMatch = windowsFilePathExp.exec(path);
|
||||
return firstPathSegmentMatch ? firstPathSegmentMatch[1] : path;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -129,3 +121,23 @@ function urlIsSameOrigin(requestUrl) {
|
|||
return (parsed.protocol === originUrl.protocol &&
|
||||
parsed.host === originUrl.host);
|
||||
}
|
||||
|
||||
function removeWindowsDriveName (path, url, base) {
|
||||
var firstPathSegmentMatch;
|
||||
|
||||
//Get the relative path from the input URL.
|
||||
if (url.indexOf(base) === 0) {
|
||||
url = url.replace(base, '');
|
||||
}
|
||||
|
||||
/*
|
||||
* The input URL intentionally contains a
|
||||
* first path segment that ends with a colon.
|
||||
*/
|
||||
if (windowsFilePathExp.exec(url)) {
|
||||
return path;
|
||||
}
|
||||
|
||||
firstPathSegmentMatch = windowsFilePathExp.exec(path);
|
||||
return firstPathSegmentMatch ? firstPathSegmentMatch[1] : path;
|
||||
}
|
||||
|
|
@ -34,7 +34,6 @@ describe('$location', function() {
|
|||
};
|
||||
}));
|
||||
|
||||
|
||||
afterEach(inject(function ($sniffer) {
|
||||
if ($sniffer.msie) return;
|
||||
//reset urlParsingNode
|
||||
|
|
@ -50,6 +49,14 @@ describe('$location', function() {
|
|||
|
||||
expect(url.path()).toBe('/foo');
|
||||
});
|
||||
|
||||
|
||||
it('should include the drive name if it was provided in the input url', function () {
|
||||
url = new LocationHashbangUrl('file:///base', '#!');
|
||||
url.$$parse('file:///base#!/C:/foo?a=b&c#hash');
|
||||
|
||||
expect(url.path()).toBe('/C:/foo');
|
||||
});
|
||||
});
|
||||
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue