mirror of
https://github.com/tenrok/axios.git
synced 2026-06-17 19:21:29 +03:00
Making isURLSameOrigin/cookies safe to use in all envs
This commit is contained in:
Matt Zabriskie
@@ -20,7 +20,7 @@ function encode(val) {
|
||||
* @param {object} [params] The params to be appended
|
||||
* @returns {string} The formatted url
|
||||
*/
|
||||
module.exports = function buildUrl(url, params, paramsSerializer) {
|
||||
module.exports = function buildURL(url, params, paramsSerializer) {
|
||||
if (!params) {
|
||||
return url;
|
||||
}
|
||||
|
||||
+42
-32
@@ -1,43 +1,53 @@
|
||||
'use strict';
|
||||
|
||||
/**
|
||||
* WARNING:
|
||||
* This file makes references to objects that aren't safe in all environments.
|
||||
* Please see lib/utils.isStandardBrowserEnv before including this file.
|
||||
*/
|
||||
|
||||
var utils = require('./../utils');
|
||||
|
||||
module.exports = {
|
||||
write: function write(name, value, expires, path, domain, secure) {
|
||||
var cookie = [];
|
||||
cookie.push(name + '=' + encodeURIComponent(value));
|
||||
module.exports = (
|
||||
utils.isStandardBrowserEnv() ?
|
||||
|
||||
if (utils.isNumber(expires)) {
|
||||
cookie.push('expires=' + new Date(expires).toGMTString());
|
||||
}
|
||||
// Standard browser envs support document.cookie
|
||||
(function () {
|
||||
return {
|
||||
write: function write(name, value, expires, path, domain, secure) {
|
||||
var cookie = [];
|
||||
cookie.push(name + '=' + encodeURIComponent(value));
|
||||
|
||||
if (utils.isString(path)) {
|
||||
cookie.push('path=' + path);
|
||||
}
|
||||
if (utils.isNumber(expires)) {
|
||||
cookie.push('expires=' + new Date(expires).toGMTString());
|
||||
}
|
||||
|
||||
if (utils.isString(domain)) {
|
||||
cookie.push('domain=' + domain);
|
||||
}
|
||||
if (utils.isString(path)) {
|
||||
cookie.push('path=' + path);
|
||||
}
|
||||
|
||||
if (secure === true) {
|
||||
cookie.push('secure');
|
||||
}
|
||||
if (utils.isString(domain)) {
|
||||
cookie.push('domain=' + domain);
|
||||
}
|
||||
|
||||
document.cookie = cookie.join('; ');
|
||||
},
|
||||
if (secure === true) {
|
||||
cookie.push('secure');
|
||||
}
|
||||
|
||||
read: function read(name) {
|
||||
var match = document.cookie.match(new RegExp('(^|;\\s*)(' + name + ')=([^;]*)'));
|
||||
return (match ? decodeURIComponent(match[3]) : null);
|
||||
},
|
||||
document.cookie = cookie.join('; ');
|
||||
},
|
||||
|
||||
remove: function remove(name) {
|
||||
this.write(name, '', Date.now() - 86400000);
|
||||
}
|
||||
};
|
||||
read: function read(name) {
|
||||
var match = document.cookie.match(new RegExp('(^|;\\s*)(' + name + ')=([^;]*)'));
|
||||
return (match ? decodeURIComponent(match[3]) : null);
|
||||
},
|
||||
|
||||
remove: function remove(name) {
|
||||
this.write(name, '', Date.now() - 86400000);
|
||||
}
|
||||
};
|
||||
})() :
|
||||
|
||||
// Non standard browser env (web workers, react-native) lack needed support.
|
||||
(function () {
|
||||
return {
|
||||
write: function write() {},
|
||||
read: function read() { return null; },
|
||||
remove: function remove() {}
|
||||
};
|
||||
})()
|
||||
);
|
||||
|
||||
@@ -0,0 +1,68 @@
|
||||
'use strict';
|
||||
|
||||
var utils = require('./../utils');
|
||||
|
||||
module.exports = (
|
||||
utils.isStandardBrowserEnv() ?
|
||||
|
||||
// Standard browser envs have full support of the APIs needed to test
|
||||
// whether the request URL is of the same origin as current location.
|
||||
(function () {
|
||||
var msie = /(msie|trident)/i.test(navigator.userAgent);
|
||||
var urlParsingNode = document.createElement('a');
|
||||
var originURL;
|
||||
|
||||
/**
|
||||
* Parse a URL to discover it's components
|
||||
*
|
||||
* @param {String} url The URL to be parsed
|
||||
* @returns {Object}
|
||||
*/
|
||||
function resolveURL(url) {
|
||||
var href = url;
|
||||
|
||||
if (msie) {
|
||||
// IE needs attribute set twice to normalize properties
|
||||
urlParsingNode.setAttribute('href', href);
|
||||
href = urlParsingNode.href;
|
||||
}
|
||||
|
||||
urlParsingNode.setAttribute('href', href);
|
||||
|
||||
// urlParsingNode provides the UrlUtils interface - http://url.spec.whatwg.org/#urlutils
|
||||
return {
|
||||
href: urlParsingNode.href,
|
||||
protocol: urlParsingNode.protocol ? urlParsingNode.protocol.replace(/:$/, '') : '',
|
||||
host: urlParsingNode.host,
|
||||
search: urlParsingNode.search ? urlParsingNode.search.replace(/^\?/, '') : '',
|
||||
hash: urlParsingNode.hash ? urlParsingNode.hash.replace(/^#/, '') : '',
|
||||
hostname: urlParsingNode.hostname,
|
||||
port: urlParsingNode.port,
|
||||
pathname: (urlParsingNode.pathname.charAt(0) === '/') ?
|
||||
urlParsingNode.pathname :
|
||||
'/' + urlParsingNode.pathname
|
||||
};
|
||||
}
|
||||
|
||||
originURL = resolveURL(window.location.href);
|
||||
|
||||
/**
|
||||
* Determine if a URL shares the same origin as the current location
|
||||
*
|
||||
* @param {String} requestURL The URL to test
|
||||
* @returns {boolean} True if URL shares the same origin, otherwise false
|
||||
*/
|
||||
return function isURLSameOrigin(requestURL) {
|
||||
var parsed = (utils.isString(requestURL)) ? resolveURL(requestURL) : requestURL;
|
||||
return (parsed.protocol === originURL.protocol &&
|
||||
parsed.host === originURL.host);
|
||||
};
|
||||
})() :
|
||||
|
||||
// Non standard browser envs (web workers, react-native) lack needed support.
|
||||
(function () {
|
||||
return function isURLSameOrigin() {
|
||||
return true;
|
||||
};
|
||||
})()
|
||||
);
|
||||
@@ -1,58 +0,0 @@
|
||||
'use strict';
|
||||
|
||||
/**
|
||||
* WARNING:
|
||||
* This file makes references to objects that aren't safe in all environments.
|
||||
* Please see lib/utils.isStandardBrowserEnv before including this file.
|
||||
*/
|
||||
|
||||
var utils = require('./../utils');
|
||||
var msie = /(msie|trident)/i.test(navigator.userAgent);
|
||||
var urlParsingNode = document.createElement('a');
|
||||
var originUrl;
|
||||
|
||||
/**
|
||||
* Parse a URL to discover it's components
|
||||
*
|
||||
* @param {String} url The URL to be parsed
|
||||
* @returns {Object}
|
||||
*/
|
||||
function urlResolve(url) {
|
||||
var href = url;
|
||||
|
||||
if (msie) {
|
||||
// IE needs attribute set twice to normalize properties
|
||||
urlParsingNode.setAttribute('href', href);
|
||||
href = urlParsingNode.href;
|
||||
}
|
||||
|
||||
urlParsingNode.setAttribute('href', href);
|
||||
|
||||
// urlParsingNode provides the UrlUtils interface - http://url.spec.whatwg.org/#urlutils
|
||||
return {
|
||||
href: urlParsingNode.href,
|
||||
protocol: urlParsingNode.protocol ? urlParsingNode.protocol.replace(/:$/, '') : '',
|
||||
host: urlParsingNode.host,
|
||||
search: urlParsingNode.search ? urlParsingNode.search.replace(/^\?/, '') : '',
|
||||
hash: urlParsingNode.hash ? urlParsingNode.hash.replace(/^#/, '') : '',
|
||||
hostname: urlParsingNode.hostname,
|
||||
port: urlParsingNode.port,
|
||||
pathname: (urlParsingNode.pathname.charAt(0) === '/') ?
|
||||
urlParsingNode.pathname :
|
||||
'/' + urlParsingNode.pathname
|
||||
};
|
||||
}
|
||||
|
||||
originUrl = urlResolve(window.location.href);
|
||||
|
||||
/**
|
||||
* Determine if a URL shares the same origin as the current location
|
||||
*
|
||||
* @param {String} requestUrl The URL to test
|
||||
* @returns {boolean} True if URL shares the same origin, otherwise false
|
||||
*/
|
||||
module.exports = function urlIsSameOrigin(requestUrl) {
|
||||
var parsed = (utils.isString(requestUrl)) ? urlResolve(requestUrl) : requestUrl;
|
||||
return (parsed.protocol === originUrl.protocol &&
|
||||
parsed.host === originUrl.host);
|
||||
};
|
||||
Reference in New Issue
Block a user