Hopiu/jquery-mobile
1
0
Fork 0
mirror of https://github.com/Hopiu/jquery-mobile.git synced 2026-05-11 08:03:10 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

centralize cross domain request check

Browse source
This commit is contained in:
John Bender 2011-12-13 17:39:23 -08:00
parent a679a6720a
commit 36c9d3a86b
1 changed files with 15 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
js/jquery.mobile.navigation.js
View file

@ -245,6 +245,19 @@
return ( u.hash && ( u.hrefNoHash === documentUrl.hrefNoHash || ( documentBaseDiffers && u.hrefNoHash === documentBase.hrefNoHash ) ) );
}
return (/^#/).test( u.href );
},
// Some embedded browsers, like the web view in Phone Gap, allow cross-domain XHR
// requests if the document doing the request was loaded via the file:// protocol.
// This is usually to allow the application to "phone home" and fetch app specific
// data. We normally let the browser handle external/cross-domain urls, but if the
// allowCrossDomainPages option is true, we will allow cross-domain http/https
// requests to go through our page loading logic.
isPermittedCrossDomainRequest: function( docUrl, reqUrl ) {
return $.mobile.allowCrossDomainPages
&& docUrl.protocol === "file:"
&& reqUrl.search( /^https?:/ ) != -1;
}
},
@ -1220,7 +1233,6 @@
return path.makeUrlAbsolute( url, base);
}
//The following event bindings should be bound after mobileinit has been triggered
//the following function is called in the init file
$.mobile._registerInternalEvents = function(){
@ -1256,10 +1268,7 @@
url = path.makeUrlAbsolute( url, getClosestBaseUrl($this) );
// More info about what's going on here is up in useDefaultUrlHandling in the Click routing.
// Basically if we loaded via file:// and we've got "allowCrossDomainPages" true, we should use changePage.
isCrossDomainPageLoad = ( $.mobile.allowCrossDomainPages && documentUrl.protocol === "file:");
if(( path.isExternal( url ) && !isCrossDomainPageLoad) || target ) {
if(( path.isExternal( url ) && !path.isPermittedCrossDomainRequest(documentUrl, url)) || target ) {
return;
}
@ -1367,12 +1376,11 @@
// data. We normally let the browser handle external/cross-domain urls, but if the
// allowCrossDomainPages option is true, we will allow cross-domain http/https
// requests to go through our page loading logic.
isCrossDomainPageLoad = ( $.mobile.allowCrossDomainPages && documentUrl.protocol === "file:" && href.search( /^https?:/ ) != -1 ),
//check for protocol or rel and its not an embedded page
//TODO overlap in logic from isExternal, rel=external check should be
// moved into more comprehensive isExternalLink
isExternal = useDefaultUrlHandling || ( path.isExternal( href ) && !isCrossDomainPageLoad );
isExternal = useDefaultUrlHandling || ( path.isExternal( href ) && !path.isPermittedCrossDomainRequest(documentUrl, href) );
if( isExternal ) {
httpCleanup();