r75576 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r75575‎ \| r75576 \| r75577 >
Date:	20:24, 27 October 2010
Author:	dale
Status:	deferred
Tags:
Comment:	added missing client / server iframe api javascript
Modified paths:	/branches/MwEmbedStandAlone/modules/EmbedPlayer/mw.IFramePlayerApiClient.js (added) (history) /branches/MwEmbedStandAlone/modules/EmbedPlayer/mw.IFramePlayerApiServer.js (added) (history)

Diff [purge]

Index: branches/MwEmbedStandAlone/modules/EmbedPlayer/mw.IFramePlayerApiClient.js
—	—	@@ -0,0 +1,53 @@
	2	+/**
	3	+* iFrame api mapping support
	4	+*
	5	+* Client side ( binds a given iFrames to expose the player api )
	6	+*/
	7	+
	8	+// Add the jQuery binding
	9	+( function( $ ) {
	10	+ $.fn.iFramePlayer = function( options ){
	11	+
	12	+ var iframe = $(this.selector).get(0);
	13	+ var cat = new mw.IFramePlayerApiClient( iframe, options );
	14	+ };
	15	+
	16	+} )( jQuery );
	17	+
	18	+mw.IFramePlayerApiClient = function( iframe, options ){
	19	+ return this.init( iframe , options);
	20	+}
	21	+mw.IFramePlayerApiClient.prototype = {
	22	+ exportedMethods: [
	23	+ 'play',
	24	+ 'pause'
	25	+ ],
	26	+ exportedBindings: [
	27	+ 'ended'
	28	+ ],
	29	+ init: function( iframe , options ){
	30	+ this.iframe = iframe;
	31	+ if( !options.targetOrigin ){
	32	+ mw.log("Error: IFramePlayerApiClient please supply a target origin");
	33	+ return ;
	34	+ } else {
	35	+ this.targetOrigin = options.targetOrigin;
	36	+ }
	37	+ this.addPlayerApi();
	38	+ },
	39	+ addPlayerApi: function(){
	40	+ var _this = this;
	41	+ $j.each( this.exportedMethods, function(na, method){
	42	+ _this.iframe[ method ] = function(){
	43	+ _this.postMethod( method, arguments );
	44	+ };
	45	+ });
	46	+ },
	47	+ postMethod: function( method , args){
	48	+ mw.log("IFramePlayer:: Post method: '" + method + "' with " + args.length + " arguments");
	49	+ var methodMsg = {
	50	+ 'method' : method
	51	+ };
	52	+ this.iframe.contentWindow.postMessage( JSON.stringify( methodMsg ), this.targetOrigin );
	53	+ }
	54	+};
Property changes on: branches/MwEmbedStandAlone/modules/EmbedPlayer/mw.IFramePlayerApiClient.js
___________________________________________________________________
Added: svn:mime-type
1	55	+ text/plain
Index: branches/MwEmbedStandAlone/modules/EmbedPlayer/mw.IFramePlayerApiServer.js
—	—	@@ -0,0 +1,99 @@
	2	+/**
	3	+* iFrame api mapping support
	4	+*
	5	+* enables player api to be accesses cross domain as
	6	+* if the video element was in page dom
	7	+*
	8	+* native support in:
	9	+* * Internet Explorer 8.0+
	10	+* * Firefox 3.0+
	11	+* * Safari 4.0+
	12	+* * Google Chrome 1.0+
	13	+* * Opera 9.5+
	14	+*
	15	+* fallback iframe cross domain hack will target IE6/7
	16	+*/
	17	+// Bind ourself to newEmbedPlayers:
	18	+$j( mw ).bind( 'newEmbedPlayerEvent', function( event, embedPlayer ) {
	19	+ embedPlayer['iFrameServer'] = new mw.IFramePlayerApiServer( embedPlayer )
	20	+});
	21	+
	22	+
	23	+mw.IFramePlayerApiServer = function( embedPlayer ){
	24	+ this.init( embedPlayer );
	25	+}
	26	+
	27	+mw.IFramePlayerApiServer.prototype = {
	28	+
	29	+ init: function( embedPlayer ){
	30	+ this.embedPlayer = embedPlayer;
	31	+ this.addIframeListener();
	32	+ },
	33	+
	34	+ addIframeListener: function(){
	35	+ var _this = this;
	36	+ if (window.addEventListener) {
	37	+ // For standards-compliant web browsers
	38	+ window.addEventListener("message", function(event){
	39	+ _this.hanldeMsg( event )
	40	+ }, false);
	41	+ } else {
	42	+ window.attachEvent("onmessage", function(event){
	43	+ _this.hanldeMsg( event )
	44	+ });
	45	+ }
	46	+ },
	47	+ hanldeMsg: function( event ){
	48	+ // Check if the server should even be enabled
	49	+ if( !mw.getConfig( 'EmbedPlayer.EnalbeIFramePlayerServer' )){
	50	+ return false;
	51	+ }
	52	+
	53	+ if( !this.eventDomainCheck( event.origin ) ){
	54	+ mw.log( 'Error: ' + event.origin + ' domain origin not allowed to send player events');
	55	+ return false;
	56	+ }
	57	+
	58	+ // Decode the message
	59	+ msgObject = JSON.parse( event.data );
	60	+ if( msgObject.method ){
	61	+ // Deal with variadic argument set:
	62	+ var argString = '';
	63	+ for( var i=0;i < msgObject.args; i++){
	64	+ argString += ', msgObject.args[i]';
	65	+ }
	66	+ eval( 'this.embedPlayer.' + msgObject.method + '(' + argString + ')' );
	67	+ }
	68	+ },
	69	+ eventDomainCheck: function( origin ){
	70	+ if( mw.getConfig( 'EmbedPLayer.IFramePlayer.DomainWhiteList' ) ){
	71	+ // NOTE this is very similar to the apiProxy function:
	72	+ var domainWhiteList = mw.getConfig('EmbedPLayer.IFramePlayer.DomainWhiteList');
	73	+ if( domainWhiteList == '*' ){
	74	+ // The default very permissive state
	75	+ return true;
	76	+ }
	77	+ // @@FIXME we should also check protocol to avoid
	78	+ // http to https escalation
	79	+ var originDomain = mw.parseUri( origin ).host;
	80	+
	81	+ // Check the domains:
	82	+ for ( var i =0; i < domainWhiteList.length; i++ ) {
	83	+ whiteDomain = domainWhiteList[i];
	84	+ // Check if domain check is a RegEx:
	85	+ if( typeof whiteDomain == 'object' ){
	86	+ if( originDomain.match( whiteDomain ) ) {
	87	+ return true;
	88	+ }
	89	+ } else {
	90	+ if( originDomain == whiteDomain ){
	91	+ return true;
	92	+ }
	93	+ }
	94	+ }
	95	+ }
	96	+ // If no passing domain was found return false
	97	+ return false;
	98	+ }
	99	+
	100	+}
Property changes on: branches/MwEmbedStandAlone/modules/EmbedPlayer/mw.IFramePlayerApiServer.js
___________________________________________________________________
Added: svn:mime-type
1	101	+ text/plain

Status & tagging log

19:31, 21 November 2010 Reedy (talk | contribs) changed the status of r75576 [removed: new added: deferred]