You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cordova.apache.org by sh...@apache.org on 2012/08/08 01:30:01 UTC
ios commit: [CB-45] Add support for full urls in white-list,
extract hostname
Updated Branches:
refs/heads/master ee9704e88 -> 444a89013
[CB-45] Add support for full urls in white-list, extract hostname
Project: http://git-wip-us.apache.org/repos/asf/incubator-cordova-ios/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-cordova-ios/commit/444a8901
Tree: http://git-wip-us.apache.org/repos/asf/incubator-cordova-ios/tree/444a8901
Diff: http://git-wip-us.apache.org/repos/asf/incubator-cordova-ios/diff/444a8901
Branch: refs/heads/master
Commit: 444a8901321db8a0afd27a6ebb163bc2790587de
Parents: ee9704e
Author: Shazron Abdullah <sh...@apache.org>
Authored: Tue Aug 7 16:29:18 2012 -0700
Committer: Shazron Abdullah <sh...@apache.org>
Committed: Tue Aug 7 16:29:47 2012 -0700
----------------------------------------------------------------------
CordovaLib/Classes/CDVWhitelist.m | 12 +++++++++++-
CordovaLib/CordovaLibTests/CDVWhitelistTests.m | 15 +++++++++++++++
2 files changed, 26 insertions(+), 1 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-cordova-ios/blob/444a8901/CordovaLib/Classes/CDVWhitelist.m
----------------------------------------------------------------------
diff --git a/CordovaLib/Classes/CDVWhitelist.m b/CordovaLib/Classes/CDVWhitelist.m
index 6176cee..a050794 100644
--- a/CordovaLib/Classes/CDVWhitelist.m
+++ b/CordovaLib/Classes/CDVWhitelist.m
@@ -81,6 +81,16 @@
return YES;
}
+- (NSString*) extractHostFromUrlString:(NSString*)url
+{
+ NSURL* aUrl = [NSURL URLWithString:url];
+ if (aUrl != nil && [aUrl scheme] != nil) { // found scheme
+ return [aUrl host];
+ } else {
+ return url;
+ }
+}
+
- (void) processWhitelist
{
if (self.whitelist == nil) {
@@ -100,7 +110,7 @@
while (externalHost = [enumerator nextObject])
{
- NSString* regex = [externalHost copy];
+ NSString* regex = [self extractHostFromUrlString:externalHost];
BOOL is_ip = [self isIPv4Address:regex];
// check for single wildcard '*', if found set allowAll to YES
http://git-wip-us.apache.org/repos/asf/incubator-cordova-ios/blob/444a8901/CordovaLib/CordovaLibTests/CDVWhitelistTests.m
----------------------------------------------------------------------
diff --git a/CordovaLib/CordovaLibTests/CDVWhitelistTests.m b/CordovaLib/CordovaLibTests/CDVWhitelistTests.m
index 8489e45..48a45d7 100644
--- a/CordovaLib/CordovaLibTests/CDVWhitelistTests.m
+++ b/CordovaLib/CordovaLibTests/CDVWhitelistTests.m
@@ -242,6 +242,21 @@
}
+- (void) testHostnameExtraction
+{
+ NSArray* allowedHosts = [NSArray arrayWithObjects:
+ @"http://apache.org/",
+ @"http://apache.org/foo/bar?x=y",
+ @"ftp://apache.org/foo/bar?x=y",
+ @"ftps://apache.org/foo/bar?x=y",
+ @"http://apache.*/foo/bar?x=y",
+ nil];
+
+ CDVWhitelist* whitelist = [[CDVWhitelist alloc] initWithArray:allowedHosts];
+
+ STAssertTrue([whitelist URLIsAllowed:[NSURL URLWithString:@"http://apache.org"]], nil);
+ STAssertFalse([whitelist URLIsAllowed:[NSURL URLWithString:@"http://google.com"]], nil);
+}
@end