1
0
mirror of https://github.com/rkd77/elinks.git synced 2024-06-14 23:32:27 +00:00

[xhr] Added bool option ecmascript.allow_xhr_file

This commit is contained in:
Witold Filipczyk 2022-10-31 20:25:32 +01:00
parent 5e802064c9
commit feca5c4b80
5 changed files with 24 additions and 20 deletions

View File

@ -90,6 +90,10 @@ static union option_info ecmascript_options[] = {
"block_window_opening", OPT_ZERO, 0,
N_("Whether to disallow scripts to open new windows or tabs.")),
INIT_OPT_BOOL("ecmascript", N_("Allow XHR requests to local files"),
"allow_xhr_file", OPT_ZERO, 0,
N_("Whether to allow XHR requests to local files.")),
NULL_OPTION_INFO,
};

View File

@ -667,10 +667,14 @@ mjs_xhr_send(js_State *J)
mem_free(url2);
}
}
xhr->download.data = xhr;
xhr->download.callback = (download_callback_T *)mjs_xhr_loading_callback;
if (xhr->uri) {
if (xhr->uri->protocol == PROTOCOL_FILE && !get_opt_bool("ecmascript.allow_xhr_file", NULL)) {
js_pushundefined(J);
return;
}
xhr->download.data = xhr;
xhr->download.callback = (download_callback_T *)mjs_xhr_loading_callback;
load_uri(xhr->uri, doc_view->session->referrer, &xhr->download, PRI_MAIN, CACHE_MODE_NORMAL, -1);
if (xhr->timeout) {
set_connection_timeout_xhr(xhr->download.conn, xhr->timeout);

View File

@ -1154,29 +1154,21 @@ xhr_send(JSContext *ctx, JSValueConst this_val, int argc, JSValueConst *argv)
done_uri(x->uri);
x->uri = get_uri(url2, URI_DIR_LOCATION | URI_PATH | URI_USER | URI_PASSWORD | URI_POST);
mem_free(url2);
// curl_easy_setopt(x->curl_h, CURLOPT_POSTFIELDSIZE, (long) size);
// curl_easy_setopt(x->curl_h, CURLOPT_COPYPOSTFIELDS, body);
JS_FreeCString(ctx, body);
}
}
// if (x->slist)
// curl_easy_setopt(x->curl_h, CURLOPT_HTTPHEADER, x->slist);
// if (x->async)
// curl_multi_add_handle(x->curlm_h, x->curl_h);
// else {
// CURLcode result = curl_easy_perform(x->curl_h);
// curl__done_cb(result, x);
// }
x->sent = true;
x->download.data = x;
x->download.callback = (download_callback_T *)x_loading_callback;
struct ecmascript_interpreter *interpreter = (struct ecmascript_interpreter *)JS_GetContextOpaque(ctx);
struct view_state *vs = interpreter->vs;
struct document_view *doc_view = vs->doc_view;
if (x->uri) {
if (x->uri->protocol == PROTOCOL_FILE && !get_opt_bool("ecmascript.allow_xhr_file", NULL)) {
return JS_UNDEFINED;
}
x->sent = true;
x->download.data = x;
x->download.callback = (download_callback_T *)x_loading_callback;
load_uri(x->uri, doc_view->session->referrer, &x->download, PRI_MAIN, CACHE_MODE_NORMAL, -1);
if (x->timeout) {
set_connection_timeout_xhr(x->download.conn, x->timeout);

View File

@ -849,10 +849,14 @@ xhr_send(JSContext *ctx, unsigned int argc, JS::Value *rval)
mem_free(body);
}
}
xhr->download.data = xhr;
xhr->download.callback = (download_callback_T *)xhr_loading_callback;
if (xhr->uri) {
if (xhr->uri->protocol == PROTOCOL_FILE && !get_opt_bool("ecmascript.allow_xhr_file", NULL)) {
args.rval().setUndefined();
return true;
}
xhr->download.data = xhr;
xhr->download.callback = (download_callback_T *)xhr_loading_callback;
load_uri(xhr->uri, doc_view->session->referrer, &xhr->download, PRI_MAIN, CACHE_MODE_NORMAL, -1);
if (xhr->timeout) {
set_connection_timeout_xhr(xhr->download.conn, xhr->timeout);

View File

@ -9,10 +9,10 @@
<script>
function loadDoc() {
const xhttp = new XMLHttpRequest();
var xhttp = new XMLHttpRequest();
xhttp.onload = function() {
document.getElementById("demo").innerHTML =
this.responseText;
xhttp.responseText;
}
xhttp.open("GET", "ajax_info.txt");
xhttp.send();