mirrors/axios
2
0
Fork 0
mirror of https://github.com/tenrok/axios.git synced 2026-06-20 20:00:40 +03:00
Code Activity

Making isURLSameOrigin/cookies safe to use in all envs

Browse Source
This commit is contained in:
Matt Zabriskie
2015-11-19 15:18:47 -07:00
parent affe3aaa9a
commit 3d65057d71
9 changed files with 139 additions and 119 deletions
Download Patch File Download Diff File Expand all files Collapse all files
lib/adapters/http.js
+2 -2
View File
@@ -2,7 +2,7 @@
var defaults = require('./../defaults'); var defaults = require('./../defaults');
var utils = require('./../utils'); var utils = require('./../utils');
var buildUrl = require('./../helpers/buildUrl'); var buildURL = require('./../helpers/buildURL');
var transformData = require('./../helpers/transformData'); var transformData = require('./../helpers/transformData');
var http = require('http'); var http = require('http');
var https = require('https'); var https = require('https');
@@ -50,7 +50,7 @@ module.exports = function httpAdapter(resolve, reject, config) {
var options = { var options = {
host: parsed.hostname, host: parsed.hostname,
port: parsed.port, port: parsed.port,
path: buildUrl(parsed.path, config.params).replace(/^\?/, ''), path: buildURL(parsed.path, config.params).replace(/^\?/, ''),
method: config.method, method: config.method,
headers: headers, headers: headers,
agent: config.agent agent: config.agent
lib/adapters/xhr.js
+4 -4
View File
@@ -4,7 +4,7 @@
var defaults = require('./../defaults'); var defaults = require('./../defaults');
var utils = require('./../utils'); var utils = require('./../utils');
var buildUrl = require('./../helpers/buildUrl'); var buildURL = require('./../helpers/buildURL');
var parseHeaders = require('./../helpers/parseHeaders'); var parseHeaders = require('./../helpers/parseHeaders');
var transformData = require('./../helpers/transformData'); var transformData = require('./../helpers/transformData');
@@ -29,7 +29,7 @@ module.exports = function xhrAdapter(resolve, reject, config) {
// Create the request // Create the request
var request = new (XMLHttpRequest || ActiveXObject)('Microsoft.XMLHTTP'); var request = new (XMLHttpRequest || ActiveXObject)('Microsoft.XMLHTTP');
request.open(config.method.toUpperCase(), buildUrl(config.url, config.params, config.paramsSerializer), true); request.open(config.method.toUpperCase(), buildURL(config.url, config.params, config.paramsSerializer), true);
// Set the request timeout in MS // Set the request timeout in MS
request.timeout = config.timeout; request.timeout = config.timeout;
@@ -67,10 +67,10 @@ module.exports = function xhrAdapter(resolve, reject, config) {
// Specifically not if we're in a web worker, or react-native. // Specifically not if we're in a web worker, or react-native.
if (utils.isStandardBrowserEnv()) { if (utils.isStandardBrowserEnv()) {
var cookies = require('./../helpers/cookies'); var cookies = require('./../helpers/cookies');
var urlIsSameOrigin = require('./../helpers/urlIsSameOrigin'); var isURLSameOrigin = require('./../helpers/isURLSameOrigin');
// Add xsrf header // Add xsrf header
var xsrfValue = urlIsSameOrigin(config.url) ? var xsrfValue = isURLSameOrigin(config.url) ?
cookies.read(config.xsrfCookieName || defaults.xsrfCookieName) : cookies.read(config.xsrfCookieName || defaults.xsrfCookieName) :
undefined; undefined;
lib/helpers/buildUrl.js
+1 -1
View File
@@ -20,7 +20,7 @@ function encode(val) {
* @param {object} [params] The params to be appended * @param {object} [params] The params to be appended
* @returns {string} The formatted url * @returns {string} The formatted url
*/ */
module.exports = function buildUrl(url, params, paramsSerializer) { module.exports = function buildURL(url, params, paramsSerializer) {
if (!params) { if (!params) {
return url; return url;
} }
lib/helpers/cookies.js
+42 -32
View File
@@ -1,43 +1,53 @@
'use strict'; 'use strict';
/**
* WARNING:
* This file makes references to objects that aren't safe in all environments.
* Please see lib/utils.isStandardBrowserEnv before including this file.
*/
var utils = require('./../utils'); var utils = require('./../utils');
module.exports = { module.exports = (
write: function write(name, value, expires, path, domain, secure) { utils.isStandardBrowserEnv() ?
var cookie = [];
cookie.push(name + '=' + encodeURIComponent(value));
if (utils.isNumber(expires)) { // Standard browser envs support document.cookie
cookie.push('expires=' + new Date(expires).toGMTString()); (function () {
} return {
write: function write(name, value, expires, path, domain, secure) {
var cookie = [];
cookie.push(name + '=' + encodeURIComponent(value));
if (utils.isString(path)) { if (utils.isNumber(expires)) {
cookie.push('path=' + path); cookie.push('expires=' + new Date(expires).toGMTString());
} }
if (utils.isString(domain)) { if (utils.isString(path)) {
cookie.push('domain=' + domain); cookie.push('path=' + path);
} }
if (secure === true) { if (utils.isString(domain)) {
cookie.push('secure'); cookie.push('domain=' + domain);
} }
document.cookie = cookie.join('; '); if (secure === true) {
}, cookie.push('secure');
}
read: function read(name) { document.cookie = cookie.join('; ');
var match = document.cookie.match(new RegExp('(^|;\\s*)(' + name + ')=([^;]*)')); },
return (match ? decodeURIComponent(match[3]) : null);
},
remove: function remove(name) { read: function read(name) {
this.write(name, '', Date.now() - 86400000); var match = document.cookie.match(new RegExp('(^|;\\s*)(' + name + ')=([^;]*)'));
} return (match ? decodeURIComponent(match[3]) : null);
}; },
remove: function remove(name) {
this.write(name, '', Date.now() - 86400000);
}
};
})() :
// Non standard browser env (web workers, react-native) lack needed support.
(function () {
return {
write: function write() {},
read: function read() { return null; },
remove: function remove() {}
};
})()
);
lib/helpers/isURLSameOrigin.js
+68
View File
@@ -0,0 +1,68 @@
'use strict';
var utils = require('./../utils');
module.exports = (
utils.isStandardBrowserEnv() ?
// Standard browser envs have full support of the APIs needed to test
// whether the request URL is of the same origin as current location.
(function () {
var msie = /(msie|trident)/i.test(navigator.userAgent);
var urlParsingNode = document.createElement('a');
var originURL;
/**
* Parse a URL to discover it's components
*
* @param {String} url The URL to be parsed
* @returns {Object}
*/
function resolveURL(url) {
var href = url;
if (msie) {
// IE needs attribute set twice to normalize properties
urlParsingNode.setAttribute('href', href);
href = urlParsingNode.href;
}
urlParsingNode.setAttribute('href', href);
// urlParsingNode provides the UrlUtils interface - http://url.spec.whatwg.org/#urlutils
return {
href: urlParsingNode.href,
protocol: urlParsingNode.protocol ? urlParsingNode.protocol.replace(/:$/, '') : '',
host: urlParsingNode.host,
search: urlParsingNode.search ? urlParsingNode.search.replace(/^\?/, '') : '',
hash: urlParsingNode.hash ? urlParsingNode.hash.replace(/^#/, '') : '',
hostname: urlParsingNode.hostname,
port: urlParsingNode.port,
pathname: (urlParsingNode.pathname.charAt(0) === '/') ?
urlParsingNode.pathname :
'/' + urlParsingNode.pathname
};
}
originURL = resolveURL(window.location.href);
/**
* Determine if a URL shares the same origin as the current location
*
* @param {String} requestURL The URL to test
* @returns {boolean} True if URL shares the same origin, otherwise false
*/
return function isURLSameOrigin(requestURL) {
var parsed = (utils.isString(requestURL)) ? resolveURL(requestURL) : requestURL;
return (parsed.protocol === originURL.protocol &&
parsed.host === originURL.host);
};
})() :
// Non standard browser envs (web workers, react-native) lack needed support.
(function () {
return function isURLSameOrigin() {
return true;
};
})()
);
lib/helpers/urlIsSameOrigin.js
-58
View File
@@ -1,58 +0,0 @@
'use strict';
/**
* WARNING:
* This file makes references to objects that aren't safe in all environments.
* Please see lib/utils.isStandardBrowserEnv before including this file.
*/
var utils = require('./../utils');
var msie = /(msie|trident)/i.test(navigator.userAgent);
var urlParsingNode = document.createElement('a');
var originUrl;
/**
* Parse a URL to discover it's components
*
* @param {String} url The URL to be parsed
* @returns {Object}
*/
function urlResolve(url) {
var href = url;
if (msie) {
// IE needs attribute set twice to normalize properties
urlParsingNode.setAttribute('href', href);
href = urlParsingNode.href;
}
urlParsingNode.setAttribute('href', href);
// urlParsingNode provides the UrlUtils interface - http://url.spec.whatwg.org/#urlutils
return {
href: urlParsingNode.href,
protocol: urlParsingNode.protocol ? urlParsingNode.protocol.replace(/:$/, '') : '',
host: urlParsingNode.host,
search: urlParsingNode.search ? urlParsingNode.search.replace(/^\?/, '') : '',
hash: urlParsingNode.hash ? urlParsingNode.hash.replace(/^#/, '') : '',
hostname: urlParsingNode.hostname,
port: urlParsingNode.port,
pathname: (urlParsingNode.pathname.charAt(0) === '/') ?
urlParsingNode.pathname :
'/' + urlParsingNode.pathname
};
}
originUrl = urlResolve(window.location.href);
/**
* Determine if a URL shares the same origin as the current location
*
* @param {String} requestUrl The URL to test
* @returns {boolean} True if URL shares the same origin, otherwise false
*/
module.exports = function urlIsSameOrigin(requestUrl) {
var parsed = (utils.isString(requestUrl)) ? urlResolve(requestUrl) : requestUrl;
return (parsed.protocol === originUrl.protocol &&
parsed.host === originUrl.host);
};
test/specs/helpers/buildUrl.spec.js
+11 -11
View File
@@ -1,18 +1,18 @@
var buildUrl = require('../../../lib/helpers/buildUrl'); var buildURL = require('../../../lib/helpers/buildURL');
describe('helpers::buildUrl', function () { describe('helpers::buildURL', function () {
it('should support null params', function () { it('should support null params', function () {
expect(buildUrl('/foo')).toEqual('/foo'); expect(buildURL('/foo')).toEqual('/foo');
}); });
it('should support params', function () { it('should support params', function () {
expect(buildUrl('/foo', { expect(buildURL('/foo', {
foo: 'bar' foo: 'bar'
})).toEqual('/foo?foo=bar'); })).toEqual('/foo?foo=bar');
}); });
it('should support object params', function () { it('should support object params', function () {
expect(buildUrl('/foo', { expect(buildURL('/foo', {
foo: { foo: {
bar: 'baz' bar: 'baz'
} }
@@ -22,31 +22,31 @@ describe('helpers::buildUrl', function () {
it('should support date params', function () { it('should support date params', function () {
var date = new Date(); var date = new Date();
expect(buildUrl('/foo', { expect(buildURL('/foo', {
date: date date: date
})).toEqual('/foo?date=' + date.toISOString()); })).toEqual('/foo?date=' + date.toISOString());
}); });
it('should support array params', function () { it('should support array params', function () {
expect(buildUrl('/foo', { expect(buildURL('/foo', {
foo: ['bar', 'baz'] foo: ['bar', 'baz']
})).toEqual('/foo?foo[]=bar&foo[]=baz'); })).toEqual('/foo?foo[]=bar&foo[]=baz');
}); });
it('should support special char params', function () { it('should support special char params', function () {
expect(buildUrl('/foo', { expect(buildURL('/foo', {
foo: '@:$, ' foo: '@:$, '
})).toEqual('/foo?foo=@:$,+'); })).toEqual('/foo?foo=@:$,+');
}); });
it('should support existing params', function () { it('should support existing params', function () {
expect(buildUrl('/foo?foo=bar', { expect(buildURL('/foo?foo=bar', {
bar: 'baz' bar: 'baz'
})).toEqual('/foo?foo=bar&bar=baz'); })).toEqual('/foo?foo=bar&bar=baz');
}); });
it('should support "length" parameter', function () { it('should support "length" parameter', function () {
expect(buildUrl('/foo', { expect(buildURL('/foo', {
query: 'bar', query: 'bar',
start: 0, start: 0,
length: 5 length: 5
@@ -57,7 +57,7 @@ describe('helpers::buildUrl', function () {
serializer = sinon.stub(); serializer = sinon.stub();
params = {foo: 'bar'}; params = {foo: 'bar'};
serializer.returns('foo=bar'); serializer.returns('foo=bar');
expect(buildUrl('/foo', params, serializer)).toEqual('/foo?foo=bar'); expect(buildURL('/foo', params, serializer)).toEqual('/foo?foo=bar');
expect(serializer.calledOnce).toBe(true); expect(serializer.calledOnce).toBe(true);
expect(serializer.calledWith(params)).toBe(true); expect(serializer.calledWith(params)).toBe(true);
}) })
test/specs/helpers/isURLSameOrigin.spec.js
+11
View File
@@ -0,0 +1,11 @@
var isURLSameOrigin = require('../../../lib/helpers/isURLSameOrigin');
describe('helpers::isURLSameOrigin', function () {
it('should detect same origin', function () {
expect(isURLSameOrigin(window.location.href)).toEqual(true);
});
it('should detect different origin', function () {
expect(isURLSameOrigin('https://github.com/mzabriskie/axios')).toEqual(false);
});
});
test/specs/helpers/urlIsSameOrigin.spec.js
-11
View File
@@ -1,11 +0,0 @@
var urlIsSameOrigin = require('../../../lib/helpers/urlIsSameOrigin');
describe('helpers::urlIsSameOrigin', function () {
it('should detect same origin', function () {
expect(urlIsSameOrigin(window.location.href)).toEqual(true);
});
it('should detect different origin', function () {
expect(urlIsSameOrigin('https://github.com/mzabriskie/axios')).toEqual(false);
});
});