dojo.provide("dojox.io.windowName"); // Implements the window.name transport dojox.io.windowName = { send: function(/*String*/ method, /*dojo.__IoArgs*/ args){ // summary: // Provides secure cross-domain request capability. // Sends a request using an iframe (POST or GET) and reads the response through the // frame's window.name. // // method: // The method to use to send the request, GET or POST // // args: // See dojo.xhr // // args.authElement: DOMNode? // By providing an authElement, this indicates that windowName should use the // authorized window.name protocol, relying on // the loaded XD resource to return to the provided return URL on completion // of authorization/authentication. The provided authElement will be used to place // the iframe in, so the user can interact with the server resource for authentication // and/or authorization to access the resource. // // args.onAuthLoad: Function? // When using authorized access to resources, this function will be called when the // authorization page has been loaded. (When authorization is actually completed, // the deferred callback function is called with the result). The primary use for this // is to make the authElement visible to the user once the resource has loaded // (this can be preferable to showing the iframe while the resource is loading // since it may not require authorization, it may simply return the resource). // // description: // In order to provide a windowname transport accessible resources/web services, a server // should check for the presence of a parameter window.name=true and if a request includes // such a parameter, it should respond to the request with an HTML // document that sets it's window.name to the string that is to be // delivered to the client. For example, if a client makes a window.name request like: // | http://othersite.com/greeting?windowname=true // And server wants to respond to the client with "Hello", it should return an html page: // | // One can provide XML or JSON data by simply quoting the data as a string, and parsing the data // on the client. // If you use the authorization window.name protocol, the requester should include an // authElement element in the args, and a request will be created like: // | http://othersite.com/greeting?windowname=auth // And the server can respond like this: // | args.url += (args.url.match(/\?/) ? '&' : '?') + "windowname=" + (args.authElement ? "auth" : true); // indicate our desire for window.name communication var authElement = args.authElement; var cleanup = function(result){ try{ // we have to do this to stop the wait cursor in FF var innerDoc = dfd.ioArgs.frame.contentWindow.document; innerDoc.write(" "); innerDoc.close(); }catch(e){} (authElement || dojo.body()).removeChild(dfd.ioArgs.outerFrame); // clean up return result; } var dfd = dojo._ioSetArgs(args,cleanup,cleanup,cleanup); if(args.timeout){ setTimeout(function(){ if(dfd.fired == -1){ dfd.callback(new Error("Timeout")); } }, args.timeout ); } var self = dojox.io.windowName; if(dojo.body()){ // the DOM is ready self._send(dfd, method, authElement, args.onAuthLoad); }else{ // we will wait for the DOM to be ready to proceed dojo.addOnLoad(function(){ self._send(dfd, method, authElement, args.onAuthLoad); }); } return dfd; }, _send: function(dfd, method, authTarget, onAuthLoad){ var ioArgs = dfd.ioArgs; var frameNum = dojox.io.windowName._frameNum++; var sameDomainUrl = (dojo.config["dojoCallbackUrl"]||dojo.moduleUrl("dojo", "resources/blank.html")) + "#" + frameNum; var frameName = new dojo._Url(window.location, sameDomainUrl); var doc = dojo.doc; var frameContainer = authTarget || dojo.body(); function styleFrame(frame){ frame.style.width="100%"; frame.style.height="100%"; frame.style.border="0px"; } if(dojo.isMoz && ![].reduce){ // FF2 allows unsafe sibling frame modification, // the fix for this is to create nested frames with getters and setters to protect access var outerFrame = doc.createElement("iframe"); styleFrame(outerFrame); if(!authTarget){ outerFrame.style.display='none'; } frameContainer.appendChild(outerFrame); var firstWindow = outerFrame.contentWindow; doc = firstWindow.document; doc.write(""); doc.close(); var secondWindow = firstWindow[0]; firstWindow.__defineGetter__(0,function(){}); firstWindow.__defineGetter__("protectedFrame",function(){}); doc = secondWindow.document; doc.write(""); doc.close(); frameContainer = doc.body; } var frame = ioArgs.frame = frame = doc.createElement(dojo.isIE ? '