suzanne.soy/travis-api
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Check if third party cookies are enabled to choose login method

Browse Source
This commit is contained in:
Piotr Sarnacki 2012-11-17 21:11:59 +01:00
parent 2b3579e6dd
commit 707b2c68e8
1 changed files with 41 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
lib/travis/api/app/endpoint/authorization.rb
View File

@ -118,7 +118,9 @@ class Travis::Api::App
get '/post_message', scope: :public do get '/post_message', scope: :public do
content_type :html content_type :html
response.set_cookie('cookie_check', '1') response.set_cookie('cookie_check', '1')
erb :container host ="#{request.scheme}://#{request.host}"
host << ":#{request.port}" unless request.port == 80
erb :container, {}, host: host
end end
get '/post_message/iframe', scope: :public do get '/post_message/iframe', scope: :public do
@ -131,6 +133,16 @@ class Travis::Api::App
end end
end end
get '/set_cookie' do
blank_gif = Base64.decode64 'R0lGODlhBQAFAJH/AP///wAAAMDAwAAAACH5BAEAAAIALAAAAAAFAAUAAAIElI+pWAA7\n'
[200, { 'Content-Type' => 'image/gif', 'Set-Cookie' => 'foo=bar' }, blank_gif]
end
get '/check_cookie' do
third_party_cookies = (!!(env["HTTP_COOKIE"].to_s =~ /foo=bar/)).inspect
[200, { 'Content-Type' => 'text/javascript' }, ["cookiesCheckCallback(#{third_party_cookies})"]]
end
error Faraday::Error::ClientError do error Faraday::Error::ClientError do
halt 401, 'could not resolve github token' halt 401, 'could not resolve github token'
end end
@ -261,15 +273,34 @@ alert('refusing to send a token to <%= target_origin.inspect %>, not whitelisted
</script> </script>
@@ container @@ container
<script> <!DOCTYPE html>
var url = window.location.pathname + '/iframe' + window.location.search; <html>
alert(document.cookie); <body>
if(document.cookie.indexOf('cookie_check') < 0) { <script>
var url = window.location.pathname + '/iframe' + window.location.search;
var img = document.createElement('img');
img.src = "<%= host %>/auth/set_cookie";
img.onload = function() {
console.log('img onload');
var script = document.createElement('script');
script.src = "<%= host %>/auth/check_cookie";
window.document.body.appendChild(script);
}
window.document.body.appendChild(img);
function cookiesCheckCallback(thirdPartyCookiesEnabled) {
if(thirdPartyCookiesEnabled) {
window.open(url, 'Signing in...', 'height=400,width=800'); window.open(url, 'Signing in...', 'height=400,width=800');
} else { } else {
document.write('<iframe src="'+url+'" />'); document.write('<iframe src="'+url+'" />');
} }
</script> }
</script>
</body>
</html>
@@ post_message @@ post_message
<script> <script>