You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cordova.apache.org by ia...@apache.org on 2014/02/07 21:03:13 UTC
[1/2] ios commit: CB-5991: Fix whitelist path matching for trailing
slashes
Updated Branches:
refs/heads/master 878a7e549 -> 42e1b4c25
CB-5991: Fix whitelist path matching for trailing slashes
Project: http://git-wip-us.apache.org/repos/asf/cordova-ios/repo
Commit: http://git-wip-us.apache.org/repos/asf/cordova-ios/commit/7d2370c8
Tree: http://git-wip-us.apache.org/repos/asf/cordova-ios/tree/7d2370c8
Diff: http://git-wip-us.apache.org/repos/asf/cordova-ios/diff/7d2370c8
Branch: refs/heads/master
Commit: 7d2370c89f234f84b71960974054c06e5af3b098
Parents: 878a7e5
Author: Ian Clelland <ic...@chromium.org>
Authored: Fri Feb 7 14:57:49 2014 -0500
Committer: Ian Clelland <ic...@chromium.org>
Committed: Fri Feb 7 14:57:49 2014 -0500
----------------------------------------------------------------------
CordovaLib/Classes/CDVWhitelist.m | 6 ++++++
1 file changed, 6 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cordova-ios/blob/7d2370c8/CordovaLib/Classes/CDVWhitelist.m
----------------------------------------------------------------------
diff --git a/CordovaLib/Classes/CDVWhitelist.m b/CordovaLib/Classes/CDVWhitelist.m
index 0095c55..b9a68ac 100644
--- a/CordovaLib/Classes/CDVWhitelist.m
+++ b/CordovaLib/Classes/CDVWhitelist.m
@@ -44,6 +44,12 @@ NSString* const kCDVDefaultSchemeName = @"cdv-default-scheme";
if (allowWildcards) {
regex = [regex stringByReplacingOccurrencesOfString:@"\\*" withString:@".*"];
+ /* [NSURL path] has the peculiarity that a trailing slash at the end of a path
+ * will be omitted. This regex tweak compensates for that.
+ */
+ if ([regex hasSuffix:@"\\/.*"]) {
+ regex = [NSString stringWithFormat:@"%@(\\/.*)?", [regex substringToIndex:([regex length]-4)]];
+ }
}
return [NSString stringWithFormat:@"%@$", regex];
}
[2/2] ios commit: CB-5395: Make scheme and host (but not path)
case-insensitive in whitelist
Posted by ia...@apache.org.
CB-5395: Make scheme and host (but not path) case-insensitive in whitelist
Project: http://git-wip-us.apache.org/repos/asf/cordova-ios/repo
Commit: http://git-wip-us.apache.org/repos/asf/cordova-ios/commit/42e1b4c2
Tree: http://git-wip-us.apache.org/repos/asf/cordova-ios/tree/42e1b4c2
Diff: http://git-wip-us.apache.org/repos/asf/cordova-ios/diff/42e1b4c2
Branch: refs/heads/master
Commit: 42e1b4c259feac29852641937836ad528d7ceea8
Parents: 7d2370c
Author: Ian Clelland <ic...@chromium.org>
Authored: Fri Feb 7 15:00:36 2014 -0500
Committer: Ian Clelland <ic...@chromium.org>
Committed: Fri Feb 7 15:02:24 2014 -0500
----------------------------------------------------------------------
CordovaLib/Classes/CDVWhitelist.m | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cordova-ios/blob/42e1b4c2/CordovaLib/Classes/CDVWhitelist.m
----------------------------------------------------------------------
diff --git a/CordovaLib/Classes/CDVWhitelist.m b/CordovaLib/Classes/CDVWhitelist.m
index b9a68ac..d27a8e6 100644
--- a/CordovaLib/Classes/CDVWhitelist.m
+++ b/CordovaLib/Classes/CDVWhitelist.m
@@ -61,14 +61,14 @@ NSString* const kCDVDefaultSchemeName = @"cdv-default-scheme";
if ((scheme == nil) || [scheme isEqualToString:@"*"]) {
_scheme = nil;
} else {
- _scheme = [NSRegularExpression regularExpressionWithPattern:[CDVWhitelistPattern regexFromPattern:scheme allowWildcards:NO] options:0 error:nil];
+ _scheme = [NSRegularExpression regularExpressionWithPattern:[CDVWhitelistPattern regexFromPattern:scheme allowWildcards:NO] options:NSRegularExpressionCaseInsensitive error:nil];
}
if ([host isEqualToString:@"*"]) {
_host = nil;
} else if ([host hasPrefix:@"*."]) {
- _host = [NSRegularExpression regularExpressionWithPattern:[NSString stringWithFormat:@"([a-z0-9.-]*\\.)?%@", [CDVWhitelistPattern regexFromPattern:[host substringFromIndex:2] allowWildcards:false]] options:0 error:nil];
+ _host = [NSRegularExpression regularExpressionWithPattern:[NSString stringWithFormat:@"([a-z0-9.-]*\\.)?%@", [CDVWhitelistPattern regexFromPattern:[host substringFromIndex:2] allowWildcards:false]] options:NSRegularExpressionCaseInsensitive error:nil];
} else {
- _host = [NSRegularExpression regularExpressionWithPattern:[CDVWhitelistPattern regexFromPattern:host allowWildcards:NO] options:0 error:nil];
+ _host = [NSRegularExpression regularExpressionWithPattern:[CDVWhitelistPattern regexFromPattern:host allowWildcards:NO] options:NSRegularExpressionCaseInsensitive error:nil];
}
if ((port == nil) || [port isEqualToString:@"*"]) {
_port = nil;
@@ -168,7 +168,7 @@ NSString* const kCDVDefaultSchemeName = @"cdv-default-scheme";
self.whitelist = nil;
self.permittedSchemes = nil;
} else { // specific access
- NSRegularExpression* parts = [NSRegularExpression regularExpressionWithPattern:@"^((\\*|[a-z-]+)://)?(((\\*\\.)?[^*/:]+)|\\*)?(:(\\d+))?(/.*)?" options:0 error:nil];
+ NSRegularExpression* parts = [NSRegularExpression regularExpressionWithPattern:@"^((\\*|[A-Za-z-]+)://)?(((\\*\\.)?[^*/:]+)|\\*)?(:(\\d+))?(/.*)?" options:0 error:nil];
NSTextCheckingResult* m = [parts firstMatchInString:origin options:NSMatchingAnchored range:NSMakeRange(0, [origin length])];
if (m != nil) {
NSRange r;
@@ -245,7 +245,7 @@ NSString* const kCDVDefaultSchemeName = @"cdv-default-scheme";
}
// Shortcut rejection: Check that the scheme is supported
- NSString* scheme = [url scheme];
+ NSString* scheme = [[url scheme] lowercaseString];
if (![self schemeIsAllowed:scheme]) {
if (logFailure) {
NSLog(@"%@", [self errorStringForURL:url]);