| // Licensed to the Software Freedom Conservancy (SFC) under one |
| // or more contributor license agreements. See the NOTICE file |
| // distributed with this work for additional information |
| // regarding copyright ownership. The SFC licenses this file |
| // to you under the Apache License, Version 2.0 (the |
| // "License"); you may not use this file except in compliance |
| // with the License. You may obtain a copy of the License at |
| // |
| // http://www.apache.org/licenses/LICENSE-2.0 |
| // |
| // Unless required by applicable law or agreed to in writing, |
| // software distributed under the License is distributed on an |
| // "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| // KIND, either express or implied. See the License for the |
| // specific language governing permissions and limitations |
| // under the License. |
| |
| goog.provide('webdriver.http.CorsClient'); |
| |
| goog.require('goog.Promise'); |
| goog.require('webdriver.http.Client'); |
| goog.require('webdriver.http.Response'); |
| |
| |
| |
| /** |
| * Communicates with a WebDriver server, which may be on a different domain, |
| * using the <a href="http://www.w3.org/TR/cors/">cross-origin resource sharing |
| * </a> (CORS) extension to WebDriver's JSON wire protocol. |
| * |
| * <p>Each command from the standard JSON protocol will be encoded in a |
| * JSON object with the following form: |
| * {method:string, path:string, data:!Object} |
| * |
| * <p>The encoded command is then sent as a POST request to the server's /xdrpc |
| * endpoint. The server will decode the command, re-route it to the appropriate |
| * handler, and then return the command's response as a standard JSON response |
| * object. The JSON responses will <em>always</em> be returned with a 200 |
| * response from the server; clients must rely on the response's "status" field |
| * to determine whether the command succeeded. |
| * |
| * <p>This client cannot be used with the standard wire protocol due to |
| * limitations in the various browser implementations of the CORS specification: |
| * <ul> |
| * <li>IE's <a href="http://goo.gl/6l3kA">XDomainRequest</a> object is only |
| * capable of generating the types of requests that may be generated through |
| * a standard <a href="http://goo.gl/vgzAU">HTML form</a> - it can not send |
| * DELETE requests, as is required in the wire protocol. |
| * <li>WebKit's implementation of CORS does not follow the spec and forbids |
| * redirects: https://bugs.webkit.org/show_bug.cgi?id=57600 |
| * This limitation appears to be intentional and is documented in WebKit's |
| * Layout tests: |
| * //LayoutTests/http/tests/xmlhttprequest/access-control-and-redirects.html |
| * <li>If the server does not return a 2xx response, IE |
| * implementation will fire the XDomainRequest/XMLHttpRequest object's |
| * onerror handler, but without the corresponding response text returned by |
| * the server. This renders IE incapable of handling command |
| * failures in the standard JSON protocol. |
| * </ul> |
| * |
| * @param {string} url URL for the WebDriver server to send commands to. |
| * @constructor |
| * @implements {webdriver.http.Client} |
| * @see <a href="http://www.w3.org/TR/cors/">CORS Spec</a> |
| * @see <a href="https://github.com/SeleniumHQ/selenium/wiki/JsonWireProtocol"> |
| * JSON wire protocol</a> |
| */ |
| webdriver.http.CorsClient = function(url) { |
| if (!webdriver.http.CorsClient.isAvailable()) { |
| throw Error('The current environment does not support cross-origin ' + |
| 'resource sharing'); |
| } |
| |
| /** @private {string} */ |
| this.url_ = url + webdriver.http.CorsClient.XDRPC_ENDPOINT; |
| }; |
| |
| |
| /** |
| * Resource URL to send commands to on the server. |
| * @type {string} |
| * @const |
| */ |
| webdriver.http.CorsClient.XDRPC_ENDPOINT = '/xdrpc'; |
| |
| |
| /** |
| * Tests whether the current environment supports cross-origin resource sharing. |
| * @return {boolean} Whether cross-origin resource sharing is supported. |
| * @see http://www.w3.org/TR/cors/ |
| */ |
| webdriver.http.CorsClient.isAvailable = function() { |
| return typeof XDomainRequest !== 'undefined' || |
| (typeof XMLHttpRequest !== 'undefined' && |
| goog.isBoolean(new XMLHttpRequest().withCredentials)); |
| }; |
| |
| |
| /** @override */ |
| webdriver.http.CorsClient.prototype.send = function(request) { |
| var url = this.url_; |
| return new goog.Promise(function(fulfill, reject) { |
| var xhr = new (typeof XDomainRequest !== 'undefined' ? |
| XDomainRequest : XMLHttpRequest); |
| xhr.open('POST', url, true); |
| |
| xhr.onload = function() { |
| fulfill(webdriver.http.Response.fromXmlHttpRequest( |
| /** @type {!XMLHttpRequest} */ (xhr))); |
| }; |
| |
| xhr.onerror = function() { |
| reject(Error([ |
| 'Unable to send request: POST ', url, |
| '\nPerhaps the server did not respond to the preflight request ', |
| 'with valid access control headers?' |
| ].join(''))); |
| }; |
| |
| // Define event handlers for all events on the XDomainRequest. Apparently, |
| // if we don't do this, IE9+10 will silently abort our request. Yay IE. |
| // Note, we're not using goog.nullFunction, because it tends to get |
| // optimized away by the compiler, which leaves us where we were before. |
| xhr.onprogress = xhr.ontimeout = function() {}; |
| |
| xhr.send(JSON.stringify({ |
| 'method': request.method, |
| 'path': request.path, |
| 'data': request.data |
| })); |
| }); |
| }; |
