You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cordova.apache.org by sh...@apache.org on 2012/08/08 01:30:01 UTC

ios commit: [CB-45] Add support for full urls in white-list, extract hostname

Updated Branches:
  refs/heads/master ee9704e88 -> 444a89013


[CB-45] Add support for full urls in white-list, extract hostname


Project: http://git-wip-us.apache.org/repos/asf/incubator-cordova-ios/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-cordova-ios/commit/444a8901
Tree: http://git-wip-us.apache.org/repos/asf/incubator-cordova-ios/tree/444a8901
Diff: http://git-wip-us.apache.org/repos/asf/incubator-cordova-ios/diff/444a8901

Branch: refs/heads/master
Commit: 444a8901321db8a0afd27a6ebb163bc2790587de
Parents: ee9704e
Author: Shazron Abdullah <sh...@apache.org>
Authored: Tue Aug 7 16:29:18 2012 -0700
Committer: Shazron Abdullah <sh...@apache.org>
Committed: Tue Aug 7 16:29:47 2012 -0700

----------------------------------------------------------------------
 CordovaLib/Classes/CDVWhitelist.m              |   12 +++++++++++-
 CordovaLib/CordovaLibTests/CDVWhitelistTests.m |   15 +++++++++++++++
 2 files changed, 26 insertions(+), 1 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-cordova-ios/blob/444a8901/CordovaLib/Classes/CDVWhitelist.m
----------------------------------------------------------------------
diff --git a/CordovaLib/Classes/CDVWhitelist.m b/CordovaLib/Classes/CDVWhitelist.m
index 6176cee..a050794 100644
--- a/CordovaLib/Classes/CDVWhitelist.m
+++ b/CordovaLib/Classes/CDVWhitelist.m
@@ -81,6 +81,16 @@
     return YES;
 }
 
+- (NSString*) extractHostFromUrlString:(NSString*)url
+{
+    NSURL* aUrl = [NSURL URLWithString:url];
+    if (aUrl != nil && [aUrl scheme] != nil) { // found scheme
+        return [aUrl host];
+    } else {
+        return url;
+    }
+}
+
 - (void) processWhitelist
 {
     if (self.whitelist == nil) {
@@ -100,7 +110,7 @@
     
     while (externalHost = [enumerator nextObject])
     {
-        NSString* regex = [externalHost copy];
+        NSString* regex = [self extractHostFromUrlString:externalHost];
         BOOL is_ip = [self isIPv4Address:regex];
         
         // check for single wildcard '*', if found set allowAll to YES

http://git-wip-us.apache.org/repos/asf/incubator-cordova-ios/blob/444a8901/CordovaLib/CordovaLibTests/CDVWhitelistTests.m
----------------------------------------------------------------------
diff --git a/CordovaLib/CordovaLibTests/CDVWhitelistTests.m b/CordovaLib/CordovaLibTests/CDVWhitelistTests.m
index 8489e45..48a45d7 100644
--- a/CordovaLib/CordovaLibTests/CDVWhitelistTests.m
+++ b/CordovaLib/CordovaLibTests/CDVWhitelistTests.m
@@ -242,6 +242,21 @@
 
 }
 
+- (void) testHostnameExtraction
+{    
+    NSArray* allowedHosts = [NSArray arrayWithObjects: 
+                             @"http://apache.org/",
+                             @"http://apache.org/foo/bar?x=y",
+                             @"ftp://apache.org/foo/bar?x=y",
+                             @"ftps://apache.org/foo/bar?x=y",
+                             @"http://apache.*/foo/bar?x=y",
+                             nil];
+    
+    CDVWhitelist* whitelist = [[CDVWhitelist alloc] initWithArray:allowedHosts];
+    
+    STAssertTrue([whitelist URLIsAllowed:[NSURL URLWithString:@"http://apache.org"]], nil);
+    STAssertFalse([whitelist URLIsAllowed:[NSURL URLWithString:@"http://google.com"]], nil);
+}
 
 
 @end