You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@shindig.apache.org by jo...@apache.org on 2011/05/04 05:23:59 UTC
svn commit: r1099314 - in /shindig/trunk: content/xpc.swf
features/src/main/flex/Main.as
features/src/main/javascript/features/rpc/flash.transport.js
Author: johnh
Date: Wed May 4 03:23:59 2011
New Revision: 1099314
URL: http://svn.apache.org/viewvc?rev=1099314&view=rev
Log:
Remove unnecessary security-lax pieces of Flash transport implementation:
* Underbar prefix on channel name.
* allowDomain filter on localConnection.
Neither are necessary when xpc.swf is hosted off the same domain for all parties, which is the case for flash transport users.
Modified:
shindig/trunk/content/xpc.swf
shindig/trunk/features/src/main/flex/Main.as
shindig/trunk/features/src/main/javascript/features/rpc/flash.transport.js
Modified: shindig/trunk/content/xpc.swf
URL: http://svn.apache.org/viewvc/shindig/trunk/content/xpc.swf?rev=1099314&r1=1099313&r2=1099314&view=diff
==============================================================================
Files shindig/trunk/content/xpc.swf (original) and shindig/trunk/content/xpc.swf Wed May 4 03:23:59 2011 differ
Modified: shindig/trunk/features/src/main/flex/Main.as
URL: http://svn.apache.org/viewvc/shindig/trunk/features/src/main/flex/Main.as?rev=1099314&r1=1099313&r2=1099314&view=diff
==============================================================================
--- shindig/trunk/features/src/main/flex/Main.as (original)
+++ shindig/trunk/features/src/main/flex/Main.as Wed May 4 03:23:59 2011
@@ -145,21 +145,11 @@ class Main {
var receiving_lc:LocalConnection = new LocalConnection();
var sending_lc:LocalConnection = new LocalConnection();
- var lastSendingDomain:String;
- // Allow messages to be sent from any other SWF to this channel.
- // Message verification itself is handled by both the fact that the
- // channel ID contains the rpc_token as well as the passed message
- // contents themselves, containing the token too. The SWF is
- // largely a simple relay.
- receiving_lc.allowDomain = function(sendingDomain:String) {
- lastSendingDomain = sendingDomain;
- return true;
- };
receiving_lc.receiveMessage =
function(to_origin:String, from_origin:String, in_rpc_key:String, message:String) {
if ((to_origin === "*" || to_origin === my_origin) && (in_rpc_key == rpc_key)) {
ExternalInterface.call("gadgets.rpctx.flash._receiveMessage",
- escFn(message), escFn(from_origin), escFn(to_origin), escFn(lastSendingDomain));
+ escFn(message), escFn(from_origin), escFn(to_origin));
}
};
@@ -167,11 +157,11 @@ class Main {
{ }, function(message:String, to_origin:String) {
if (!to_origin) to_origin = "*";
var sendId:String =
- replaceFn("_channel_" + channel_id + "_" + rpc_key + "_" + other_role, ":", "");
+ replaceFn("channel_" + channel_id + "_" + rpc_key + "_" + other_role, ":", "");
sending_lc.send(sendId,
"receiveMessage", to_origin, my_origin, rpc_key, message);
});
- var recvId:String = replaceFn("_channel_" + channel_id + "_" + rpc_key + "_" + role, ":", "");
+ var recvId:String = replaceFn("channel_" + channel_id + "_" + rpc_key + "_" + role, ":", "");
receiving_lc.connect(recvId);
if (role == "INNER") {
// In child context, trigger notice that the setup method is complete.
Modified: shindig/trunk/features/src/main/javascript/features/rpc/flash.transport.js
URL: http://svn.apache.org/viewvc/shindig/trunk/features/src/main/javascript/features/rpc/flash.transport.js?rev=1099314&r1=1099313&r2=1099314&view=diff
==============================================================================
--- shindig/trunk/features/src/main/javascript/features/rpc/flash.transport.js (original)
+++ shindig/trunk/features/src/main/javascript/features/rpc/flash.transport.js Wed May 4 03:23:59 2011
@@ -183,7 +183,7 @@ if (!gadgets.rpctx.flash) { // make lib
call: call,
// Methods called by relay SWF. Should be considered private.
- _receiveMessage: function(message, fromOrigin, toOrigin, sendingSwfDomain) {
+ _receiveMessage: function(message, fromOrigin, toOrigin) {
var jsonMsg = gadgets.json.parse(message);
var channelReady = jsonMsg[SWF_CHANNEL_READY];
if (channelReady) {