Software: Apache/2.4.53 (Unix) OpenSSL/1.1.1o PHP/7.4.29 mod_perl/2.0.12 Perl/v5.34.1. PHP/7.4.29 uname -a: Linux vps-2738122-x 4.15.0-213-generic #224-Ubuntu SMP Mon Jun 19 13:30:12 UTC 2023 x86_64 uid=1(daemon) gid=1(daemon) grupos=1(daemon) Safe-mode: OFF (not secure) /opt/apex_led/www/js/shindig/features/src/main/javascript/features/rpc/ drwxrwxr-x | |
| Viewing file: Select action/file-type: /*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations under the License.
*/
var gadgets = gadgets || {};
gadgets.rpctx = gadgets.rpctx || {};
/**
* For Internet Explorer before version 8, the security model allows anyone
* parent to set the value of the "opener" property on another window,
* with only the receiving window able to read it.
* This method is dubbed "Native IE XDC" (NIX).
*
* This method works by placing a handler object in the "opener" property
* of a gadget when the container sets up the authentication information
* for that gadget (by calling setAuthToken(...)). At that point, a NIX
* wrapper is created and placed into the gadget by calling
* theframe.contentWindow.opener = wrapper. Note that as a result, NIX can
* only be used by a container to call a particular gadget *after* that
* gadget has called the container at least once via NIX.
*
* The NIX wrappers in this RPC implementation are instances of a VBScript
* class that is created when this implementation loads. The reason for
* using a VBScript class stems from the fact that any object can be passed
* into the opener property.
* While this is a good thing, as it lets us pass functions and setup a true
* bidirectional channel via callbacks, it opens a potential security hole
* by which the other page can get ahold of the "window" or "document"
* objects in the parent page and in turn wreak havok. This is due to the
* fact that any JS object useful for establishing such a bidirectional
* channel (such as a function) can be used to access a function
* (eg. obj.toString, or a function itself) created in a specific context,
* in particular the global context of the sender. Suppose container
* domain C passes object obj to gadget on domain G. Then the gadget can
* access C's global context using:
* var parentWindow = (new obj.toString.constructor("return window;"))();
* Nulling out all of obj's properties doesn't fix this, since IE helpfully
* restores them to their original values if you do something like:
* delete obj.toString; delete obj.toString;
* Thus, we wrap the necessary functions and information inside a VBScript
* object. VBScript objects in IE, like DOM objects, are in fact COM
* wrappers when used in JavaScript, so we can safely pass them around
* without worrying about a breach of context while at the same time
* allowing them to act as a pass-through mechanism for information
* and function calls. The implementation details of this VBScript wrapper
* can be found in the setupChannel() method below.
*
* nix: Internet Explorer-specific window.opener trick.
* - Internet Explorer 6
* - Internet Explorer 7
*/
gadgets.rpctx.nix = function() {
// Consts for NIX. VBScript doesn't
// allow items to start with _ for some reason,
// so we need to make these names quite unique, as
// they will go into the global namespace.
var NIX_WRAPPER = 'GRPC____NIXVBS_wrapper';
var NIX_GET_WRAPPER = 'GRPC____NIXVBS_get_wrapper';
var NIX_HANDLE_MESSAGE = 'GRPC____NIXVBS_handle_message';
var NIX_CREATE_CHANNEL = 'GRPC____NIXVBS_create_channel';
var MAX_NIX_SEARCHES = 10;
var NIX_SEARCH_PERIOD = 500;
// JavaScript reference to the NIX VBScript wrappers.
// Gadgets will have but a single channel under
// nix_channels['..'] while containers will have a channel
// per gadget stored under the gadget's ID.
var nix_channels = {};
// Store the ready signal method for use on handshake complete.
var ready;
var numHandlerSearches = 0;
// Search for NIX handler to parent. Tries MAX_NIX_SEARCHES times every
// NIX_SEARCH_PERIOD milliseconds.
function conductHandlerSearch() {
// Call from gadget to the container.
var handler = nix_channels['..'];
if (handler) {
return;
}
if (++numHandlerSearches > MAX_NIX_SEARCHES) {
// Handshake failed. Will fall back.
gadgets.warn('Nix transport setup failed, falling back...');
ready('..', false);
return;
}
// If the gadget has yet to retrieve a reference to
// the NIX handler, try to do so now. We don't do a
// typeof(window.opener.GetAuthToken) check here
// because it means accessing that field on the COM object, which,
// being an internal function reference, is not allowed.
// "in" works because it merely checks for the prescence of
// the key, rather than actually accessing the object's property.
// This is just a sanity check, not a validity check.
if (!handler && window.opener && "GetAuthToken" in window.opener) {
handler = window.opener;
// Create the channel to the parent/container.
// First verify that it knows our auth token to ensure it's not
// an impostor.
if (handler.GetAuthToken() == gadgets.rpc.getAuthToken('..')) {
// Auth match - pass it back along with our wrapper to finish.
// own wrapper and our authentication token for co-verification.
var token = gadgets.rpc.getAuthToken('..');
handler.CreateChannel(window[NIX_GET_WRAPPER]('..', token),
token);
// Set channel handler
nix_channels['..'] = handler;
window.opener = null;
// Signal success and readiness to send to parent.
// Container-to-gadget bit flipped in CreateChannel.
ready('..', true);
return;
}
}
// Try again.
window.setTimeout(function() { conductHandlerSearch(); },
NIX_SEARCH_PERIOD);
}
return {
getCode: function() {
return 'nix';
},
isParentVerifiable: function() {
return false;
},
init: function(processFn, readyFn) {
ready = readyFn;
// Ensure VBScript wrapper code is in the page and that the
// global Javascript handlers have been set.
// VBScript methods return a type of 'unknown' when
// checked via the typeof operator in IE. Fortunately
// for us, this only applies to COM objects, so we
// won't see this for a real Javascript object.
if (typeof window[NIX_GET_WRAPPER] !== 'unknown') {
window[NIX_HANDLE_MESSAGE] = function(data) {
window.setTimeout(
function() { processFn(gadgets.json.parse(data)) }, 0);
};
window[NIX_CREATE_CHANNEL] = function(name, channel, token) {
// Verify the authentication token of the gadget trying
// to create a channel for us.
if (gadgets.rpc.getAuthToken(name) === token) {
nix_channels[name] = channel;
ready(name, true);
}
};
// Inject the VBScript code needed.
var vbscript =
// We create a class to act as a wrapper for
// a Javascript call, to prevent a break in of
// the context.
'Class ' + NIX_WRAPPER + '\n '
// An internal member for keeping track of the
// name of the document (container or gadget)
// for which this wrapper is intended. For
// those wrappers created by gadgets, this is not
// used (although it is set to "..")
+ 'Private m_Intended\n'
// Stores the auth token used to communicate with
// the gadget. The GetChannelCreator method returns
// an object that returns this auth token. Upon matching
// that with its own, the gadget uses the object
// to actually establish the communication channel.
+ 'Private m_Auth\n'
// Method for internally setting the value
// of the m_Intended property.
+ 'Public Sub SetIntendedName(name)\n '
+ 'If isEmpty(m_Intended) Then\n'
+ 'm_Intended = name\n'
+ 'End If\n'
+ 'End Sub\n'
// Method for internally setting the value of the m_Auth property.
+ 'Public Sub SetAuth(auth)\n '
+ 'If isEmpty(m_Auth) Then\n'
+ 'm_Auth = auth\n'
+ 'End If\n'
+ 'End Sub\n'
// A wrapper method which actually causes a
// message to be sent to the other context.
+ 'Public Sub SendMessage(data)\n '
+ NIX_HANDLE_MESSAGE + '(data)\n'
+ 'End Sub\n'
// Returns the auth token to the gadget, so it can
// confirm a match before initiating the connection
+ 'Public Function GetAuthToken()\n '
+ 'GetAuthToken = m_Auth\n'
+ 'End Function\n'
// Method for setting up the container->gadget
// channel. Not strictly needed in the gadget's
// wrapper, but no reason to get rid of it. Note here
// that we pass the intended name to the NIX_CREATE_CHANNEL
// method so that it can save the channel in the proper place
// *and* verify the channel via the authentication token passed
// here.
+ 'Public Sub CreateChannel(channel, auth)\n '
+ 'Call ' + NIX_CREATE_CHANNEL + '(m_Intended, channel, auth)\n'
+ 'End Sub\n'
+ 'End Class\n'
// Function to get a reference to the wrapper.
+ 'Function ' + NIX_GET_WRAPPER + '(name, auth)\n'
+ 'Dim wrap\n'
+ 'Set wrap = New ' + NIX_WRAPPER + '\n'
+ 'wrap.SetIntendedName name\n'
+ 'wrap.SetAuth auth\n'
+ 'Set ' + NIX_GET_WRAPPER + ' = wrap\n'
+ 'End Function';
try {
window.execScript(vbscript, 'vbscript');
} catch (e) {
return false;
}
}
return true;
},
setup: function(receiverId, token) {
if (receiverId === '..') {
conductHandlerSearch();
return true;
}
try {
var frame = document.getElementById(receiverId);
var wrapper = window[NIX_GET_WRAPPER](receiverId, token);
frame.contentWindow.opener = wrapper;
} catch (e) {
return false;
}
return true;
},
call: function(targetId, from, rpc) {
try {
// If we have a handler, call it.
if (nix_channels[targetId]) {
nix_channels[targetId].SendMessage(gadgets.json.stringify(rpc));
}
} catch (e) {
return false;
}
return true;
}
};
}();
|
:: Command execute :: | |
--[ c99shell v. 2.1 [PHP 8 Update] [02.02.2022] maintained byC99Shell Github | Generation time: 0.4838 ]-- |