You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cordova.apache.org by ia...@apache.org on 2014/10/24 22:17:44 UTC

[3/5] ios commit: Defer whitelist decisions to plugins

Defer whitelist decisions to plugins


Project: http://git-wip-us.apache.org/repos/asf/cordova-ios/repo
Commit: http://git-wip-us.apache.org/repos/asf/cordova-ios/commit/04a538e9
Tree: http://git-wip-us.apache.org/repos/asf/cordova-ios/tree/04a538e9
Diff: http://git-wip-us.apache.org/repos/asf/cordova-ios/diff/04a538e9

Branch: refs/heads/unplug-whitelist
Commit: 04a538e9125ccc6e4086c2ef04aee3ba31a9715b
Parents: c184a88
Author: Ian Clelland <ic...@chromium.org>
Authored: Fri Oct 24 16:12:04 2014 -0400
Committer: Ian Clelland <ic...@chromium.org>
Committed: Fri Oct 24 16:12:04 2014 -0400

----------------------------------------------------------------------
 CordovaLib/Classes/CDVCommandDelegateImpl.m |  3 +-
 CordovaLib/Classes/CDVURLProtocol.m         |  7 +--
 CordovaLib/Classes/CDVViewController.h      |  2 +-
 CordovaLib/Classes/CDVViewController.m      | 72 ++++++++++--------------
 4 files changed, 34 insertions(+), 50 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cordova-ios/blob/04a538e9/CordovaLib/Classes/CDVCommandDelegateImpl.m
----------------------------------------------------------------------
diff --git a/CordovaLib/Classes/CDVCommandDelegateImpl.m b/CordovaLib/Classes/CDVCommandDelegateImpl.m
index fc3346d..033f3ed 100644
--- a/CordovaLib/Classes/CDVCommandDelegateImpl.m
+++ b/CordovaLib/Classes/CDVCommandDelegateImpl.m
@@ -169,8 +169,7 @@
 
 - (BOOL)URLIsWhitelisted:(NSURL*)url
 {
-    return ![_viewController.whitelist schemeIsAllowed:[url scheme]] ||
-           [_viewController.whitelist URLIsAllowed:url logFailure:NO];
+    return [_viewController shouldAllowNavigationToURL:url];
 }
 
 - (NSDictionary*)settings

http://git-wip-us.apache.org/repos/asf/cordova-ios/blob/04a538e9/CordovaLib/Classes/CDVURLProtocol.m
----------------------------------------------------------------------
diff --git a/CordovaLib/Classes/CDVURLProtocol.m b/CordovaLib/Classes/CDVURLProtocol.m
index fce5783..28adc2c 100644
--- a/CordovaLib/Classes/CDVURLProtocol.m
+++ b/CordovaLib/Classes/CDVURLProtocol.m
@@ -131,12 +131,7 @@ static CDVViewController *viewControllerForRequest(NSURLRequest* request)
             // For this reason, we return NO when cmds exist.
             return !hasCmds;
         }
-        // we only care about http and https connections.
-        // CORS takes care of http: trying to access file: URLs.
-        if ([gWhitelist schemeIsAllowed:[theUrl scheme]]) {
-            // if it FAILS the whitelist, we return TRUE, so we can fail the connection later
-            return ![gWhitelist URLIsAllowed:theUrl];
-        }
+        return ![viewController shouldAllowNavigationToURL:theUrl];
     }
 
     return NO;

http://git-wip-us.apache.org/repos/asf/cordova-ios/blob/04a538e9/CordovaLib/Classes/CDVViewController.h
----------------------------------------------------------------------
diff --git a/CordovaLib/Classes/CDVViewController.h b/CordovaLib/Classes/CDVViewController.h
index 4ee9967..fbf5260 100644
--- a/CordovaLib/Classes/CDVViewController.h
+++ b/CordovaLib/Classes/CDVViewController.h
@@ -78,7 +78,7 @@
 - (void)registerPlugin:(CDVPlugin*)plugin withClassName:(NSString*)className;
 - (void)registerPlugin:(CDVPlugin*)plugin withPluginName:(NSString*)pluginName;
 
-- (BOOL)URLisAllowed:(NSURL*)url;
+- (BOOL)URLisAllowed:(NSURL*)url __attribute__((deprecated));
 - (BOOL)shouldAllowNavigationToURL:(NSURL *)url;
 - (BOOL)shouldOpenExternalURL:(NSURL *)url;
 

http://git-wip-us.apache.org/repos/asf/cordova-ios/blob/04a538e9/CordovaLib/Classes/CDVViewController.m
----------------------------------------------------------------------
diff --git a/CordovaLib/Classes/CDVViewController.m b/CordovaLib/Classes/CDVViewController.m
index 135794e..a33beeb 100644
--- a/CordovaLib/Classes/CDVViewController.m
+++ b/CordovaLib/Classes/CDVViewController.m
@@ -153,11 +153,7 @@
 
 - (BOOL)URLisAllowed:(NSURL*)url
 {
-    if (self.whitelist == nil) {
-        return YES;
-    }
-
-    return [self.whitelist URLIsAllowed:url];
+    return [self shouldAllowNavigationToURL:url];
 }
 
 - (void)parseSettingsWithParser:(NSObject<NSXMLParserDelegate> *)delegate
@@ -718,59 +714,31 @@
     }
 
     /*
-     * If a URL is being loaded that's a file/http/https URL, just load it internally
-     */
-    if ([url isFileURL]) {
-        return YES;
-    }
-
-    /*
      *    If we loaded the HTML from a string, we let the app handle it
      */
-    else if (self.loadFromString == YES) {
+    if (self.loadFromString == YES) {
         self.loadFromString = NO;
         return YES;
     }
 
     /*
-     * all tel: scheme urls we let the UIWebview handle it using the default behavior
-     */
-    else if ([[url scheme] isEqualToString:@"tel"]) {
-        return YES;
-    }
-
-    /*
-     * all about: scheme urls are not handled
-     */
-    else if ([[url scheme] isEqualToString:@"about"]) {
-        return NO;
-    }
-
-    /*
-     * all data: scheme urls are handled
-     */
-    else if ([[url scheme] isEqualToString:@"data"]) {
-        return YES;
-    }
-
-    /*
      * Handle all other types of urls (tel:, sms:), and requests to load a url in the main webview.
      */
-    else {
-        if ([self.whitelist schemeIsAllowed:[url scheme]]) {
-            return [self.whitelist URLIsAllowed:url];
-        } else {
+    BOOL shouldAllowNavigation = [self shouldAllowNavigationToURL:url];
+    if (shouldAllowNavigation) {
+        return YES;
+    } else {
+        BOOL shouldOpenExternalURL = [self shouldOpenExternalURL:url];
+        if (shouldOpenExternalURL) {
             if ([[UIApplication sharedApplication] canOpenURL:url]) {
                 [[UIApplication sharedApplication] openURL:url];
             } else { // handle any custom schemes to plugins
                 [[NSNotificationCenter defaultCenter] postNotification:[NSNotification notificationWithName:CDVPluginHandleOpenURLNotification object:url]];
             }
         }
-
-        return NO;
     }
 
-    return YES;
+    return NO;
 }
 
 - (BOOL)shouldAllowNavigationToURL:(NSURL *)url
@@ -793,6 +761,28 @@
     }
 
     /* Default Policy */
+
+    /*
+     * If a URL is being loaded that's a file/http/https URL, just load it internally
+     */
+    if ([url isFileURL]) {
+        return YES;
+    }
+
+    /*
+     * all about: scheme urls are not handled
+     */
+    else if ([[url scheme] isEqualToString:@"about"]) {
+        return NO;
+    }
+
+    /*
+     * all data: scheme urls are handled
+     */
+    else if ([[url scheme] isEqualToString:@"data"]) {
+        return YES;
+    }
+
     return NO;
 }
 


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cordova.apache.org
For additional commands, e-mail: commits-help@cordova.apache.org