You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@cordova.apache.org by Patrick Mueller <pm...@gmail.com> on 2012/10/09 19:17:14 UTC
white-listing File Transfer on iOS and bug CB-1600
I'm looking at https://issues.apache.org/jira/browse/CB-1600
I'm getting a crash running Mobile Spec on iOS 4.3 on iOS Simulator (Xcode
4.5.1 on Lion).
Coupla different things going on here.
One is that the crash occurs when you try to download a file from a host
not in the white-list.
There's some interesting code and comments here:
https://github.com/apache/incubator-cordova-ios/blob/master/CordovaLib/Classes/CDVURLProtocol.m#L105
Note the comment a few lines down:
// if it FAILS the whitelist, we return TRUE, so we can fail the
connection later
Um, WHO fails the connection later? Can't quite figure out that puzzle.
As the comments before it indicate, I'm getting [canInitWithRequest]
invoked 3 times per failed whitelist request, and then the code blindly
continues processing the file download. At some point, it fails, as
[CDVFileTransfer connection:didReceiveResponse:] is getting sent an
NSURLResponse and not a NSHTTPURLResponse, and the trap involves an invalid
casting of the NSURLResponse to a NSHTTPURLResponse.
(as a general cleanliness measure, perhaps we should always do isKindOf: or
whatever tests before casting?)
=== questions ===
- can we just do the white-list check FIRST, before even starting the file
transfer? That way we never get into this mess.
- maybe that doesn't work - do these NSURLConnections silently handle
redirects, and then end up potentially failing in the white-list there?
- I think we can check for white-list failure in
the [CDVFileTransfer connection:didReceiveResponse:] method with an
isKindOf: or whatever check, but I'm not sure if there's any other cleanup
that needs to take place here.
--
Patrick Mueller
http://muellerware.org
Re: white-listing File Transfer on iOS and bug CB-1600
Posted by Shazron <sh...@gmail.com>.
> There's some interesting code and comments here:
>
>
> https://github.com/apache/incubator-cordova-ios/blob/master/CordovaLib/Classes/CDVURLProtocol.m#L105
>
> Note the comment a few lines down:
>
> // if it FAILS the whitelist, we return TRUE, so we can fail the
> connection later
>
> Um, WHO fails the connection later? Can't quite figure out that puzzle.
We fail it here:
https://github.com/apache/incubator-cordova-ios/blob/master/CordovaLib/Classes/CDVURLProtocol.m#L127
Returning NO in line #105 does not fail it, it would actually make the
connection pass. So we return YES to fail it later.
> As the comments before it indicate, I'm getting [canInitWithRequest]
> invoked 3 times per failed whitelist request, and then the code blindly
> continues processing the file download. At some point, it fails, as
> [CDVFileTransfer connection:didReceiveResponse:] is getting sent an
> NSURLResponse and not a NSHTTPURLResponse, and the trap involves an invalid
> casting of the NSURLResponse to a NSHTTPURLResponse.
>
> (as a general cleanliness measure, perhaps we should always do isKindOf: or
> whatever tests before casting?)
yup, we should do a isKindOfClass: check here
> === questions ===
>
> - can we just do the white-list check FIRST, before even starting the file
> transfer? That way we never get into this mess.
We can't - see my previous comment on how NSURLProtocol works.
>
> - maybe that doesn't work - do these NSURLConnections silently handle
> redirects, and then end up potentially failing in the white-list there?
Not sure, I think there might be delegate functions for this:
http://stackoverflow.com/questions/1446509/handling-redirects-correctly-with-nsurlconnection
> - I think we can check for white-list failure in
> the [CDVFileTransfer connection:didReceiveResponse:] method with an
> isKindOf: or whatever check, but I'm not sure if there's any other cleanup
> that needs to take place here.
>
> --
> Patrick Mueller
> http://muellerware.org