diff options
author | John Christopher Anderson <jchris@apache.org> | 2010-05-19 21:14:28 +0000 |
---|---|---|
committer | John Christopher Anderson <jchris@apache.org> | 2010-05-19 21:14:28 +0000 |
commit | ea00c0491ce7b8642979bd5195aa4851a63eae25 (patch) | |
tree | 23b56179b4cc9c3354268a838cd2737513a4f3a5 | |
parent | 98e34f7e65d344e846b04eaea73d841f9da9cd9c (diff) |
jsonp callbacks are ignored unless jsonp is configured to true
git-svn-id: https://svn.apache.org/repos/asf/couchdb/trunk@946400 13f79535-47bb-0310-9956-ffa450edef68
-rw-r--r-- | etc/couchdb/default.ini.tpl.in | 1 | ||||
-rw-r--r-- | share/www/script/test/changes.js | 18 | ||||
-rw-r--r-- | share/www/script/test/jsonp.js | 67 | ||||
-rw-r--r-- | src/couchdb/couch_httpd.erl | 14 |
4 files changed, 65 insertions, 35 deletions
diff --git a/etc/couchdb/default.ini.tpl.in b/etc/couchdb/default.ini.tpl.in index 0222839a..453418bb 100644 --- a/etc/couchdb/default.ini.tpl.in +++ b/etc/couchdb/default.ini.tpl.in @@ -24,6 +24,7 @@ vhost_global_handlers = _utils _session _oauth _users +jsonp = false [log] file = %localstatelogdir%/couch.log diff --git a/share/www/script/test/changes.js b/share/www/script/test/changes.js index 4f77771c..6a8802b9 100644 --- a/share/www/script/test/changes.js +++ b/share/www/script/test/changes.js @@ -39,12 +39,18 @@ couchTests.changes = function(debug) { T(resp.results[0].changes[0].rev == docFoo._rev) // test with callback - var xhr = CouchDB.request("GET", "/test_suite_db/_changes?callback=jsonp"); - T(xhr.status == 200); - jsonp_flag = 0; - eval(xhr.responseText); - T(jsonp_flag == 1); - + + run_on_modified_server( + [{section: "httpd", + key: "jsonp", + value: "true"}], + function() { + var xhr = CouchDB.request("GET", "/test_suite_db/_changes?callback=jsonp"); + T(xhr.status == 200); + jsonp_flag = 0; + eval(xhr.responseText); + T(jsonp_flag == 1); + }); req = CouchDB.request("GET", "/test_suite_db/_changes?feed=continuous&timeout=10"); var lines = req.responseText.split("\n"); diff --git a/share/www/script/test/jsonp.js b/share/www/script/test/jsonp.js index dfd6a0df..02349c93 100644 --- a/share/www/script/test/jsonp.js +++ b/share/www/script/test/jsonp.js @@ -32,38 +32,51 @@ couchTests.jsonp = function(debug) { db.deleteDb(); db.createDb(); if (debug) debugger; - + var doc = {_id:"0",a:0,b:0}; T(db.save(doc).ok); + + // callback param is ignored unless jsonp is configured + var xhr = CouchDB.request("GET", "/test_suite_db/0?callback=jsonp_not_configured"); + JSON.parse(xhr.responseText); - // Test unchunked callbacks. - var xhr = CouchDB.request("GET", "/test_suite_db/0?callback=jsonp_no_chunk"); - T(xhr.status == 200); - jsonp_flag = 0; - eval(xhr.responseText); - T(jsonp_flag == 1); - xhr = CouchDB.request("GET", "/test_suite_db/0?callback=foo\""); - T(xhr.status == 400); + run_on_modified_server( + [{section: "httpd", + key: "jsonp", + value: "true"}], + function() { - // Test chunked responses - var doc = {_id:"1",a:1,b:1}; - T(db.save(doc).ok); + // Test unchunked callbacks. + var xhr = CouchDB.request("GET", "/test_suite_db/0?callback=jsonp_no_chunk"); + T(xhr.status == 200); + jsonp_flag = 0; + eval(xhr.responseText); + T(jsonp_flag == 1); + xhr = CouchDB.request("GET", "/test_suite_db/0?callback=foo\""); + T(xhr.status == 400); + + // Test chunked responses + var doc = {_id:"1",a:1,b:1}; + T(db.save(doc).ok); - var designDoc = { - _id:"_design/test", - language: "javascript", - views: { - all_docs: {map: "function(doc) {if(doc.a) emit(null, doc.a);}"} + var designDoc = { + _id:"_design/test", + language: "javascript", + views: { + all_docs: {map: "function(doc) {if(doc.a) emit(null, doc.a);}"} + } } - } - T(db.save(designDoc).ok); + T(db.save(designDoc).ok); + + var url = "/test_suite_db/_design/test/_view/all_docs?callback=jsonp_chunk"; + xhr = CouchDB.request("GET", url); + T(xhr.status == 200); + jsonp_flag = 0; + eval(xhr.responseText); + T(jsonp_flag == 1); + xhr = CouchDB.request("GET", url + "\'"); + T(xhr.status == 400); + }); + - var url = "/test_suite_db/_design/test/_view/all_docs?callback=jsonp_chunk"; - xhr = CouchDB.request("GET", url); - T(xhr.status == 200); - jsonp_flag = 0; - eval(xhr.responseText); - T(jsonp_flag == 1); - xhr = CouchDB.request("GET", url + "\'"); - T(xhr.status == 400); }; diff --git a/src/couchdb/couch_httpd.erl b/src/couchdb/couch_httpd.erl index 00bfc196..15b3de1a 100644 --- a/src/couchdb/couch_httpd.erl +++ b/src/couchdb/couch_httpd.erl @@ -593,8 +593,18 @@ start_jsonp(Req) -> [] -> []; CallBack -> try - validate_callback(CallBack), - CallBack ++ "(" + % make sure jsonp is configured on (default off) + case couch_config:get("httpd", "jsonp", "false") of + "true" -> + validate_callback(CallBack), + CallBack ++ "("; + _Else -> + % this could throw an error message, but instead we just ignore the + % jsonp parameter + % throw({bad_request, <<"JSONP must be configured before using.">>}) + put(jsonp, no_jsonp), + [] + end catch Error -> put(jsonp, no_jsonp), |