[Pkg-javascript-commits] [sockjs-client] 202/350: Obfuscate ActiveXObject to avoid firewalls. Add timestamp to outgoing xhr.

Fri Aug 5 01:04:21 UTC 2016

This is an automated email from the git hooks/post-receive script.

tonnerre-guest pushed a commit to branch upstream
in repository sockjs-client.

commit 166a103308e240c9996e182a93440a010b1fc545
Author: Bryce Kahle <bkahle at gmail.com>
Date:   Mon Oct 20 16:49:28 2014 -0400

    Obfuscate ActiveXObject to avoid firewalls. Add timestamp to outgoing xhr.
---
 .jshintrc                             |  3 +--
 lib/transport/browser/abstract-xhr.js | 13 ++++++-------
 lib/transport/receiver/htmlfile.js    |  6 ++++--
 lib/utils/iframe.js                   |  3 ++-
 4 files changed, 13 insertions(+), 12 deletions(-)

diff --git a/.jshintrc b/.jshintrc
index b70c17c..45fe695 100644
--- a/.jshintrc
+++ b/.jshintrc
@@ -8,8 +8,7 @@
 , "node": true
 , "browser": true
 , "predef": [
-    "ActiveXObject"
-  , "XDomainRequest"
+    "XDomainRequest"
   , "EventSource"
   , "describe"
   , "it"
diff --git a/lib/transport/browser/abstract-xhr.js b/lib/transport/browser/abstract-xhr.js
index 6738e32..6dc0fb6 100644
--- a/lib/transport/browser/abstract-xhr.js
+++ b/lib/transport/browser/abstract-xhr.js
@@ -28,11 +28,8 @@ function AbstractXHRObject(method, url, payload, opts) {
     return;
   }
 
-  if (global.ActiveXObject || global.XDomainRequest) {
-    debug('adding to url to prevent POST cache');
-    // IE8 caches even POSTs
-    url = urlUtils.addQuery(url, 't=' + Date.now());
-  }
+  // several browsers cache POSTs
+  url = urlUtils.addQuery(url, 't=' + Date.now());
 
   // Explorer tends to keep connection open, even after the
   // tab gets closed: http://bugs.jquery.com/ticket/5280
@@ -145,11 +142,13 @@ AbstractXHRObject.prototype.close = function() {
 
 AbstractXHRObject.enabled = !!XHR;
 // override XMLHttpRequest for IE6/7
-if (!AbstractXHRObject.enabled && global.ActiveXObject) {
+// obfuscate to avoid firewalls
+var axo = ['Active'].concat('Object').join('X');
+if (!AbstractXHRObject.enabled && (axo in global)) {
   debug('overriding xmlhttprequest');
   XHR = function() {
     try {
-      return new global.ActiveXObject('Microsoft.XMLHTTP');
+      return new global[axo]('Microsoft.XMLHTTP');
     } catch (e) {
       return null;
     }
diff --git a/lib/transport/receiver/htmlfile.js b/lib/transport/receiver/htmlfile.js
index 884d8a0..05931f9 100644
--- a/lib/transport/receiver/htmlfile.js
+++ b/lib/transport/receiver/htmlfile.js
@@ -72,9 +72,11 @@ HtmlfileReceiver.prototype._close = function(reason) {
 
 HtmlfileReceiver.htmlfileEnabled = false;
 
-if ('ActiveXObject' in global) {
+// obfuscate to avoid firewalls
+var axo = ['Active'].concat('Object').join('X');
+if (axo in global) {
   try {
-    HtmlfileReceiver.htmlfileEnabled = !!new global.ActiveXObject('htmlfile');
+    HtmlfileReceiver.htmlfileEnabled = !!new global[axo]('htmlfile');
   } catch (x) {}
 }
 
diff --git a/lib/utils/iframe.js b/lib/utils/iframe.js
index 0fa4c46..cdef8aa 100644
--- a/lib/utils/iframe.js
+++ b/lib/utils/iframe.js
@@ -110,7 +110,8 @@ module.exports = {
 /* jshint undef: false, newcap: false */
 /* eslint no-undef: 0, new-cap: 0 */
 , createHtmlfile: function(iframeUrl, errorCallback) {
-    var doc = new global.ActiveXObject('htmlfile');
+    var axo = ['Active'].concat('Object').join('X');
+    var doc = new global[axo]('htmlfile');
     var tref, unloadRef;
     var iframe;
     var unattach = function() {

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-javascript/sockjs-client.git

