Hopiu/angular.js
1
0
Fork 0
mirror of https://github.com/Hopiu/angular.js.git synced 2026-03-16 23:30:23 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Provide better sandbox error messages, and disallow running from file:// URLs

Browse source
This commit is contained in:
Elliott Sprehn 2010-11-01 18:03:52 -07:00 committed by Igor Minar
parent 56a3d52f45
commit dcf76e6816
4 changed files with 48 additions and 26 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
css/angular-scenario.css
View file

@ -8,6 +8,11 @@ body {
font-size: 14px; font-size: 14px;
} }
#system-error {
font-size: 1.5em;
text-align: center;
}
#json, #xml { #json, #xml {
display: none; display: none;
} }

4
src/scenario/Application.js
View file

@ -79,8 +79,8 @@ angular.scenario.Application.prototype.navigateTo = function(url, loadFn, errorF
var frame = this.getFrame_(); var frame = this.getFrame_();
//TODO(esprehn): Refactor to use rethrow() //TODO(esprehn): Refactor to use rethrow()
errorFn = errorFn || function(e) { throw e; }; errorFn = errorFn || function(e) { throw e; };
if (/^file:\/\//.test(url)) { if (url === 'about:blank') {
errorFn('Sandbox Error: Cannot load file:// URL.'); errorFn('Sandbox Error: Navigating to about:blank is not allowed.');
} else if (url.charAt(0) === '#') { } else if (url.charAt(0) === '#') {
url = frame.attr('src').split('#')[0] + url; url = frame.attr('src').split('#')[0] + url;
frame.attr('src', url); frame.attr('src', url);

10
src/scenario/Scenario.js
View file

@ -93,6 +93,7 @@ angular.scenario.matcher = angular.scenario.matcher || function(name, fn) {
* @param {Object} config Config options * @param {Object} config Config options
*/ */
function angularScenarioInit($scenario, config) { function angularScenarioInit($scenario, config) {
var href = window.location.href;
var body = _jQuery(document.body); var body = _jQuery(document.body);
var output = []; var output = [];
@ -108,6 +109,15 @@ function angularScenarioInit($scenario, config) {
} }
}); });
if (!/^http/.test(href) && !/^https/.test(href)) {
body.append('<p id="system-error"></p>');
body.find('#system-error').text(
'Scenario runner must be run using http or https. The protocol ' +
href.split(':')[0] + ':// is not supported.'
);
return;
}
var appFrame = body.append('<div id="application"></div>').find('#application'); var appFrame = body.append('<div id="application"></div>').find('#application');
var application = new angular.scenario.Application(appFrame); var application = new angular.scenario.Application(appFrame);

43
test/scenario/ApplicationSpec.js
View file

@ -1,4 +1,5 @@
describe('angular.scenario.Application', function() { describe('angular.scenario.Application', function() {
var $window;
var app, frames; var app, frames;
function callLoadHandlers(app) { function callLoadHandlers(app) {
@ -52,53 +53,59 @@ describe('angular.scenario.Application', function() {
}); });
it('should use a new iframe each time', function() { it('should use a new iframe each time', function() {
app.navigateTo('about:blank'); app.navigateTo('http://localhost/');
var frame = app.getFrame_(); var frame = app.getFrame_();
frame.attr('test', true); frame.attr('test', true);
app.navigateTo('about:blank'); app.navigateTo('http://localhost/');
expect(app.getFrame_().attr('test')).toBeFalsy(); expect(app.getFrame_().attr('test')).toBeFalsy();
}); });
it('should call error handler if document not accessible', function() { it('should call error handler if document not accessible', function() {
var called;
app.getWindow_ = function() { app.getWindow_ = function() {
return {}; return {};
}; };
app.navigateTo('about:blank', angular.noop, function(error) { app.navigateTo('http://localhost/', angular.noop, function(error) {
expect(error).toMatch(/Sandbox Error/); expect(error).toMatch(/Sandbox Error/);
called = true;
}); });
callLoadHandlers(app); callLoadHandlers(app);
expect(called).toBeTruthy();
}); });
it('should call error handler if using file:// URL', function() { it('should call error handler if navigating to about:blank', function() {
app.navigateTo('file://foo/bar.txt', angular.noop, function(error) { var called;
app.navigateTo('about:blank', angular.noop, function(error) {
expect(error).toMatch(/Sandbox Error/); expect(error).toMatch(/Sandbox Error/);
called = true;
}); });
expect(called).toBeTruthy();
}); });
it('should call error handler if status check fails', function() { it('should call error handler if status check fails', function() {
app.checkUrlStatus_ = function(url, callback) { app.checkUrlStatus_ = function(url, callback) {
callback.call(this, 'Example Error'); callback.call(this, 'Example Error');
}; };
app.navigateTo('about:blank', angular.noop, function(error) { app.navigateTo('http://localhost/', angular.noop, function(error) {
expect(error).toEqual('Example Error'); expect(error).toEqual('Example Error');
}); });
}); });
it('should hide old iframes and navigate to about:blank', function() { it('should hide old iframes and navigate to about:blank', function() {
app.navigateTo('about:blank#foo'); app.navigateTo('http://localhost/#foo');
app.navigateTo('about:blank#bar'); app.navigateTo('http://localhost/#bar');
var iframes = frames.find('iframe'); var iframes = frames.find('iframe');
expect(iframes.length).toEqual(2); expect(iframes.length).toEqual(2);
expect(iframes[0].src).toEqual('about:blank'); expect(iframes[0].src).toEqual('about:blank');
expect(iframes[1].src).toEqual('about:blank#bar'); expect(iframes[1].src).toEqual('http://localhost/#bar');
expect(_jQuery(iframes[0]).css('display')).toEqual('none'); expect(_jQuery(iframes[0]).css('display')).toEqual('none');
}); });
it('should URL update description bar', function() { it('should URL update description bar', function() {
app.navigateTo('about:blank'); app.navigateTo('http://localhost/');
var anchor = frames.find('> h2 a'); var anchor = frames.find('> h2 a');
expect(anchor.attr('href')).toEqual('about:blank'); expect(anchor.attr('href')).toEqual('http://localhost/');
expect(anchor.text()).toEqual('about:blank'); expect(anchor.text()).toEqual('http://localhost/');
}); });
it('should call onload handler when frame loads', function() { it('should call onload handler when frame loads', function() {
@ -106,7 +113,7 @@ describe('angular.scenario.Application', function() {
app.getWindow_ = function() { app.getWindow_ = function() {
return {document: {}}; return {document: {}};
}; };
app.navigateTo('about:blank', function($window, $document) { app.navigateTo('http://localhost/', function($window, $document) {
called = true; called = true;
}); });
callLoadHandlers(app); callLoadHandlers(app);
@ -130,7 +137,7 @@ describe('angular.scenario.Application', function() {
notifyWhenNoOutstandingRequests: function(fn) { notifyWhenNoOutstandingRequests: function(fn) {
handlers.push(fn); handlers.push(fn);
} }
} };
}; };
app.getWindow_ = function() { app.getWindow_ = function() {
return testWindow; return testWindow;
@ -178,7 +185,7 @@ describe('angular.scenario.Application', function() {
var finished; var finished;
response.status = 199; response.status = 199;
response.statusText = 'Error Message'; response.statusText = 'Error Message';
app.navigateTo('about:blank', angular.noop, function(error) { app.navigateTo('http://localhost/', angular.noop, function(error) {
expect(error).toEqual('199 Error Message'); expect(error).toEqual('199 Error Message');
finished = true; finished = true;
}); });
@ -189,7 +196,7 @@ describe('angular.scenario.Application', function() {
var finished; var finished;
response.status = 300; response.status = 300;
response.statusText = 'Error'; response.statusText = 'Error';
app.navigateTo('about:blank', angular.noop, function(error) { app.navigateTo('http://localhost/', angular.noop, function(error) {
expect(error).toEqual('300 Error'); expect(error).toEqual('300 Error');
finished = true; finished = true;
}); });
@ -200,8 +207,8 @@ describe('angular.scenario.Application', function() {
var finished; var finished;
response.status = 0; response.status = 0;
response.statusText = ''; response.statusText = '';
app.navigateTo('about:blank', angular.noop, function(error) { app.navigateTo('http://localhost/', angular.noop, function(error) {
expect(error).toEqual('Sandbox Error: Cannot access about:blank'); expect(error).toEqual('Sandbox Error: Cannot access http://localhost/');
finished = true; finished = true;
}); });
expect(finished).toBeTruthy(); expect(finished).toBeTruthy();