Changeset 8610
- Timestamp:
- 05/14/07 16:00:18 (20 months ago)
- Location:
- tags/release-0.4.1/src/io
- Files:
-
- 2 modified
-
xip_client.html (modified) (5 diffs)
-
xip_server.html (modified) (5 diffs)
Legend:
- Unmodified
- Added
- Removed
-
tags/release-0.4.1/src/io/xip_client.html
r6813 r8610 6 6 <title></title> 7 7 <meta http-equiv="Content-Type" content="text/html; charset=utf-8"></meta> 8 <script type="text/javascript"> 8 <!-- Security protection: uncomment the script tag to enable. --> 9 <!-- script type="text/javascript" --> 9 10 // <!-- 10 11 /* … … 144 145 145 146 while((reqData.length - reqIndex) + urlLength > xipUrlLimit){ 146 xipRequestParts.push(reqData.substring(reqIndex, reqIndex + partLength)); 147 reqIndex += partLength; 147 var part = reqData.substring(reqIndex, reqIndex + partLength); 148 //Safari will do some extra hex escaping unless we keep the original hex 149 //escaping complete. 150 var percentIndex = part.lastIndexOf("%"); 151 if(percentIndex == part.length - 1 || percentIndex == part.length - 2){ 152 part = part.substring(0, percentIndex); 153 } 154 xipRequestParts.push(part); 155 reqIndex += part.length; 148 156 } 149 157 xipRequestParts.push(reqData.substring(reqIndex, reqData.length)); … … 216 224 //Remove the query param for the IE7 recursive case. 217 225 xipServerUrl = fixServerUrl(config.server).replace(/(\?|\&)dojo\.fr\=1/, ""); 226 227 //Make sure we don't have a javascript: url, just for good measure. 228 if(xipServerUrl.split(":")[0].match(/javascript/i)){ 229 throw "Invalid server URL"; 230 } 231 218 232 xipUseFrameRecursion = config["fr"]; 219 233 … … 228 242 229 243 var clientUrl = window.location.href.split("#")[0]; 230 document.getElementById("iframeHolder").innerHTML = '<iframe src="' 231 + makeServerUrl("init", 'id=' + xipStateId + '&client=' + encodeURIComponent(clientUrl) 232 + '&fr=' + xipUseFrameRecursion) + '" id="' + xipStateId + '_frame"></iframe>'; 233 234 244 var iframeNode = document.getElementsByTagName("iframe")[0]; 245 iframeNode.id = xipStateId + "_frame"; 246 iframeNode.src = makeServerUrl("init", 'id=' + xipStateId + '&client=' 247 + encodeURIComponent(clientUrl) + '&fr=' + xipUseFrameRecursion); 235 248 } 236 249 … … 250 263 internally by dojo.io.XhrIframeProxy.</p> 251 264 252 < span id="iframeHolder"></span>265 <iframe src="javascript:false"></iframe> 253 266 </body> 254 267 </html> -
tags/release-0.4.1/src/io/xip_server.html
r6813 r8610 20 20 ALL OF YOUR XHR-ENABLED SERVICES ON YOUR SITE. 21 21 22 In order for this file to work, you should define a function with the following signature: 22 In order for this file to work, you need to uncomment the script element, 23 and you should define a function with the following signature: 23 24 24 25 function isAllowedRequest(request){ … … 46 47 See xip_client.html for more info on the xip fragment identifier protocol. 47 48 --> 48 <script type="text/javascript"> 49 // <!-- 50 djConfig = { 51 parseWidgets: false, 52 baseScriptUri: "./" 53 } 54 // --> 55 </script> 56 <script type="text/javascript"> 49 50 <!-- Security protection: uncomment the script tag to enable. --> 51 <!-- script type="text/javascript" --> 57 52 // <!-- 58 53 //Core XHR handling taken from Dojo IO code. … … 166 161 167 162 while((resData.length - resIndex) + urlLength > xipUrlLimit){ 168 xipResponseParts.push(resData.substring(resIndex, resIndex + partLength)); 169 resIndex += partLength; 163 var part = resData.substring(resIndex, resIndex + partLength); 164 //Safari will do some extra hex escaping unless we keep the original hex 165 //escaping complete. 166 var percentIndex = part.lastIndexOf("%"); 167 if(percentIndex == part.length - 1 || percentIndex == part.length - 2){ 168 part = part.substring(0, percentIndex); 169 } 170 xipResponseParts.push(part); 171 resIndex += part.length; 170 172 } 171 173 xipResponseParts.push(resData.substring(resIndex, resData.length)); … … 340 342 xipStateId = config.id; 341 343 xipClientUrl = config.client; 344 345 //Make sure we don't have a javascript: url, just for good measure. 346 if(xipClientUrl.split(":")[0].match(/javascript/i)){ 347 throw "Invalid client URL"; 348 } 349 if(!xipStateId.match(/^XhrIframeProxy[0-9]+$/)){ 350 throw "Invalid state ID"; 351 } 352 342 353 xipUseFrameRecursion = config["fr"]; 343 354 … … 346 357 if(xipUseFrameRecursion == "true"){ 347 358 var serverUrl = window.location.href.split("#")[0]; 348 document.getElementById("iframeHolder").innerHTML = '<iframe src="' 349 + makeClientUrl("init", 'id=' + xipStateId + '&server=' + encodeURIComponent(serverUrl) 350 + '&fr=endpoint') + '" name="' + xipStateId + '_clientEndPoint"></iframe>'; 359 document.getElementById("iframeHolder").innerHTML = '<iframe name="' 360 + xipStateId + '_clientEndPoint' 361 + '" src="javascript:false">' 362 + '</iframe>'; 363 var iframeNode = document.getElementsByTagName("iframe")[0]; 364 iframeNode.src = makeClientUrl("init", 'id=' + xipStateId + '&server=' 365 + encodeURIComponent(serverUrl) + '&fr=endpoint'); 351 366 }else{ 352 367 setClientUrl("loaded");
