Subversion Repositories Applications.papyrus

Rev

Rev 1372 | Go to most recent revision | Show entire file | Ignore whitespace | Details | Blame | Last modification | View Log | RSS feed

Rev 1372 Rev 1422
Line 17... Line 17...
17 
	<script type="text/javascript" src="isAllowed.js"></script>
 17 
	<script type="text/javascript" src="isAllowed.js"></script>
18 
	<!--
 18 
	<!--
19 
	BY DEFAULT THIS FILE DOES NOT WORK SO THAT YOU DON'T ACCIDENTALLY EXPOSE
 19 
	BY DEFAULT THIS FILE DOES NOT WORK SO THAT YOU DON'T ACCIDENTALLY EXPOSE
20 
	ALL OF YOUR XHR-ENABLED SERVICES ON YOUR SITE.
20 
	ALL OF YOUR XHR-ENABLED SERVICES ON YOUR SITE.
Line -... Line 21...
- 
 
 21
21
22 
	In order for this file to work, you need to uncomment the script element,
Line 22... Line 23...
22 
	In order for this file to work, you should define a function with the following signature:
 23 
	and you should define a function with the following signature:
23
24
24 
	function isAllowedRequest(request){
 25 
	function isAllowedRequest(request){
Line 43... Line 44...
43 
	        be the querystring parameters. For a POST request, it wll be the
 44 
	        be the querystring parameters. For a POST request, it wll be the
44 
	        body data.
 45 
	        body data.
Line 45... Line 46...
45
46
46 
	See xip_client.html for more info on the xip fragment identifier protocol.
47 
	See xip_client.html for more info on the xip fragment identifier protocol.
47 
	-->
 - 
 
48 
	<script type="text/javascript">
 - 
 
49 
	// <!--
 - 
 
50 
	djConfig = {
 - 
 
51 
		parseWidgets: false,
 - 
 
52 
		baseScriptUri: "./"
 48 
	-->
53 
	}
 - 
 
54 
	// -->
 49
55 
	</script>
 50 
	<!-- Security protection: uncomment the script tag to enable. -->
56 
	<script type="text/javascript">
 51 
	<!-- script type="text/javascript" -->
57 
	// <!--
 52 
	// <!--
58 
		//Core XHR handling taken from Dojo IO code.
 53 
		//Core XHR handling taken from Dojo IO code.
59 
		dojo = {};
 54 
		dojo = {};
60 
		dojo.hostenv = {};
 55 
		dojo.hostenv = {};
Line 344... Line 339...
344 
		//Decode the init params
 339 
		//Decode the init params
345 
		var config = unpackMessage(window.location.href.split("#")[1]).config;
 340 
		var config = unpackMessage(window.location.href.split("#")[1]).config;
Line 346... Line 341...
346 
 
 341 
 
347 
		xipStateId = config.id;
 342 
		xipStateId = config.id;
- 
 
 343 
		xipClientUrl = config.client;
- 
 
 344
- 
 
 345 
		//Make sure we don't have a javascript: url, just for good measure.
- 
 
 346 
		if(xipClientUrl.split(":")[0].match(/javascript/i)){
- 
 
 347 
			throw "Invalid client URL";
- 
 
 348 
		}
- 
 
 349 
		if(!xipStateId.match(/^XhrIframeProxy[0-9]+$/)){
- 
 
 350 
			throw "Invalid state ID";
- 
 
 351 
		}
348 
		xipClientUrl = config.client;
 352 
 
Line 349... Line 353...
349 
		xipUseFrameRecursion = config["fr"];
 353 
		xipUseFrameRecursion = config["fr"];
Line 350... Line 354...
350 
 
 354 
 
351 
		setInterval(pollHash, 10);
 355 
		setInterval(pollHash, 10);
352
356
- 
 
 357 
		if(xipUseFrameRecursion == "true"){
- 
 
 358 
			var serverUrl = window.location.href.split("#")[0];
- 
 
 359 
			document.getElementById("iframeHolder").innerHTML = '<iframe name="'
- 
 
 360 
				+ xipStateId + '_clientEndPoint'
353 
		if(xipUseFrameRecursion == "true"){
 361 
				+ '" src="javascript:false">'
354 
			var serverUrl = window.location.href.split("#")[0];
 362 
				+ '</iframe>';
355 
			document.getElementById("iframeHolder").innerHTML = '<iframe src="'
 363 
			var iframeNode = document.getElementsByTagName("iframe")[0];
356 
				+ makeClientUrl("init", 'id=' + xipStateId + '&server=' + encodeURIComponent(serverUrl)
 364 
			iframeNode.src = makeClientUrl("init", 'id=' + xipStateId + '&server='
357 
				+ '&fr=endpoint') + '" name="' + xipStateId + '_clientEndPoint"></iframe>';
 365 
				+ encodeURIComponent(serverUrl) + '&fr=endpoint');
358 
		}else{
 366 
		}else{