Home Explore Help
Sign In
kevin
/
anissah
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 9312edc3ae
Branches Tags
anissah
/
user
/
themes
/
anissabensalah
/
node_modules
/
clean-css
/
lib
/
reader
/
is-allowed-resource.js

is-allowed-resource.js 2.0 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677 
  1. var path = require('path');
    2. 

  2. var url = require('url');
    3. 

  3. 

  4. var isRemoteResource = require('../utils/is-remote-resource');
    5. 

  5. var hasProtocol = require('../utils/has-protocol');
    6. 

  6. 

  7. var HTTP_PROTOCOL = 'http:';
    8. 

  8. 

  9. function isAllowedResource(uri, isRemote, rules) {
    10. 

  10.   var match;
    11. 

  11.   var absoluteUri;
    12. 

  12.   var allowed = isRemote ? false : true;
    13. 

  13.   var rule;
    14. 

  14.   var isNegated;
    15. 

  15.   var normalizedRule;
    16. 

  16.   var i;
    17. 

  17. 

  18.   if (rules.length === 0) {
    19. 

  19.     return false;
    20. 

  20.   }
    21. 

  21. 

  22.   if (isRemote && !hasProtocol(uri)) {
    23. 

  23.     uri = HTTP_PROTOCOL + uri;
    24. 

  24.   }
    25. 

  25. 

  26.   match = isRemote ?
    27. 

  27.     url.parse(uri).host :
    28. 

  28.     uri;
    29. 

  29. 

  30.   absoluteUri = isRemote ?
    31. 

  31.     uri :
    32. 

  32.     path.resolve(uri);
    33. 

  33. 

  34.   for (i = 0; i < rules.length; i++) {
    35. 

  35.     rule = rules[i];
    36. 

  36.     isNegated = rule[0] == '!';
    37. 

  37.     normalizedRule = rule.substring(1);
    38. 

  38. 

  39.     if (isNegated && isRemote && isRemoteRule(normalizedRule)) {
    40. 

  40.       allowed = allowed && !isAllowedResource(uri, true, [normalizedRule]);
    41. 

  41.     } else if (isNegated && !isRemote && !isRemoteRule(normalizedRule)) {
    42. 

  42.       allowed = allowed && !isAllowedResource(uri, false, [normalizedRule]);
    43. 

  43.     } else if (isNegated) {
    44. 

  44.       allowed = allowed && true;
    45. 

  45.     } else if (rule == 'all') {
    46. 

  46.       allowed = true;
    47. 

  47.     } else if (isRemote && rule == 'local') {
    48. 

  48.       allowed = allowed || false;
    49. 

  49.     } else if (isRemote && rule == 'remote') {
    50. 

  50.       allowed = true;
    51. 

  51.     } else if (!isRemote && rule == 'remote') {
    52. 

  52.       allowed = false;
    53. 

  53.     } else if (!isRemote && rule == 'local') {
    54. 

  54.       allowed = true;
    55. 

  55.     } else if (rule === match) {
    56. 

  56.       allowed = true;
    57. 

  57.     } else if (rule === uri) {
    58. 

  58.       allowed = true;
    59. 

  59.     } else if (isRemote && absoluteUri.indexOf(rule) === 0) {
    60. 

  60.       allowed = true;
    61. 

  61.     } else if (!isRemote && absoluteUri.indexOf(path.resolve(rule)) === 0) {
    62. 

  62.       allowed = true;
    63. 

  63.     } else if (isRemote != isRemoteRule(normalizedRule)) {
    64. 

  64.       allowed = allowed && true;
    65. 

  65.     } else {
    66. 

  66.       allowed = false;
    67. 

  67.     }
    68. 

  68.   }
    69. 

  69. 

  70.   return allowed;
    71. 

  71. }
    72. 

  72. 

  73. function isRemoteRule(rule) {
    74. 

  74.   return isRemoteResource(rule) || url.parse(HTTP_PROTOCOL + '//' + rule).host == rule;
    75. 

  75. }
    76. 

  76. 

  77. module.exports = isAllowedResource;
    78.