Akron | 479994e | 2018-07-02 13:21:44 +0200 | [diff] [blame] | 1 | /** |
| 2 | * The plugin system is based |
| 3 | * on registered widgets (iframes) from |
| 4 | * foreign services. |
| 5 | * The server component spawns new iframes and |
| 6 | * listens to them. |
| 7 | * |
| 8 | * @author Nils Diewald |
| 9 | */ |
| 10 | |
Akron | a6c32b9 | 2018-07-02 18:39:42 +0200 | [diff] [blame] | 11 | define(["plugin/widget", "util"], function (widgetClass) { |
Akron | 479994e | 2018-07-02 13:21:44 +0200 | [diff] [blame] | 12 | "use strict"; |
| 13 | |
Akron | a6c32b9 | 2018-07-02 18:39:42 +0200 | [diff] [blame] | 14 | // Contains all widgets to address with |
| 15 | // messages to them |
| 16 | var widgets = {}; |
| 17 | |
Akron | e8e2c95 | 2018-07-04 13:43:12 +0200 | [diff] [blame] | 18 | // This is a counter to limit acceptable incoming messages |
| 19 | // to a certain amount. For every message, this counter will |
| 20 | // be decreased (down to 0), for every second this will be |
| 21 | // increased (up to 100). |
| 22 | // Once a widget surpasses the limit, it will be killed |
| 23 | // and called suspicious. |
| 24 | var maxMessages = 100; |
| 25 | var limits = {}; |
| 26 | |
| 27 | // TODO: |
| 28 | // It may be useful to establish a watcher that pings |
| 29 | // all widgets every second to see if it is still alive. |
| 30 | |
Akron | 479994e | 2018-07-02 13:21:44 +0200 | [diff] [blame] | 31 | return { |
| 32 | |
| 33 | /** |
| 34 | * Create new plugin management system |
| 35 | */ |
| 36 | create : function () { |
| 37 | return Object.create(this)._init(); |
| 38 | }, |
| 39 | |
| 40 | /* |
Akron | 76dd8d3 | 2018-07-06 09:30:22 +0200 | [diff] [blame] | 41 | * Initialize the plugin manager |
Akron | 479994e | 2018-07-02 13:21:44 +0200 | [diff] [blame] | 42 | */ |
| 43 | _init : function () { |
Akron | 479994e | 2018-07-02 13:21:44 +0200 | [diff] [blame] | 44 | return this; |
| 45 | }, |
| 46 | |
| 47 | /** |
Akron | e8e2c95 | 2018-07-04 13:43:12 +0200 | [diff] [blame] | 48 | * Open a new widget as a child to a certain element |
Akron | 479994e | 2018-07-02 13:21:44 +0200 | [diff] [blame] | 49 | */ |
Akron | 7991b19 | 2018-07-09 17:28:43 +0200 | [diff] [blame] | 50 | addWidget : function (element, name, src) { |
Akron | 479994e | 2018-07-02 13:21:44 +0200 | [diff] [blame] | 51 | |
Akron | 76dd8d3 | 2018-07-06 09:30:22 +0200 | [diff] [blame] | 52 | // Is it the first widget? |
| 53 | if (!this._listener) { |
| 54 | |
| 55 | /* |
| 56 | * Establish the global 'message' hook. |
| 57 | */ |
| 58 | this._listener = this._receiveMsg.bind(this); |
| 59 | window.addEventListener("message", this._listener); |
| 60 | |
| 61 | // Every second increase the limits of all registered widgets |
| 62 | this._timer = window.setInterval(function () { |
| 63 | for (var i in limits) { |
| 64 | if (limits[i]++ >= maxMessages) { |
| 65 | limits[i] = maxMessages; |
| 66 | } |
| 67 | } |
| 68 | }, 1000); |
| 69 | }; |
| 70 | |
Akron | a6c32b9 | 2018-07-02 18:39:42 +0200 | [diff] [blame] | 71 | // Create a unique random ID per widget |
| 72 | var id = 'id-' + this._randomID(); |
| 73 | |
| 74 | // Create a new widget |
Akron | 7991b19 | 2018-07-09 17:28:43 +0200 | [diff] [blame] | 75 | var widget = widgetClass.create(name, src, id); |
Akron | a6c32b9 | 2018-07-02 18:39:42 +0200 | [diff] [blame] | 76 | |
| 77 | // Store the widget based on the identifier |
| 78 | widgets[id] = widget; |
Akron | a99315e | 2018-07-03 22:56:45 +0200 | [diff] [blame] | 79 | limits[id] = maxMessages; |
Akron | a6c32b9 | 2018-07-02 18:39:42 +0200 | [diff] [blame] | 80 | |
| 81 | // Open widget in frontend |
| 82 | element.appendChild( |
| 83 | widget.element() |
| 84 | ); |
Akron | b43c8c6 | 2018-07-04 18:27:28 +0200 | [diff] [blame] | 85 | |
| 86 | return id; |
Akron | 479994e | 2018-07-02 13:21:44 +0200 | [diff] [blame] | 87 | }, |
| 88 | |
Akron | e8e2c95 | 2018-07-04 13:43:12 +0200 | [diff] [blame] | 89 | // Receive a call from an embedded iframe. |
| 90 | // The handling needs to be very careful, |
| 91 | // as this can easily become a security nightmare. |
Akron | 479994e | 2018-07-02 13:21:44 +0200 | [diff] [blame] | 92 | _receiveMsg : function (e) { |
| 93 | // Get event data |
| 94 | var d = e.data; |
| 95 | |
Akron | a99315e | 2018-07-03 22:56:45 +0200 | [diff] [blame] | 96 | // If no data given - fail |
| 97 | // (probably check that it's an assoc array) |
| 98 | if (!d) |
| 99 | return; |
| 100 | |
| 101 | // e.origin is probably set and okay - CHECK! |
Akron | 479994e | 2018-07-02 13:21:44 +0200 | [diff] [blame] | 102 | |
Akron | a99315e | 2018-07-03 22:56:45 +0200 | [diff] [blame] | 103 | // Get origin ID |
| 104 | var id = d["originID"]; |
| 105 | |
| 106 | // If no origin ID given - fail |
| 107 | if (!id) |
| 108 | return; |
| 109 | |
Akron | a6c32b9 | 2018-07-02 18:39:42 +0200 | [diff] [blame] | 110 | // Get the widget |
Akron | a99315e | 2018-07-03 22:56:45 +0200 | [diff] [blame] | 111 | var widget = widgets[id]; |
Akron | a6c32b9 | 2018-07-02 18:39:42 +0200 | [diff] [blame] | 112 | |
| 113 | // If the addressed widget does not exist - fail |
| 114 | if (!widget) |
| 115 | return; |
| 116 | |
Akron | a99315e | 2018-07-03 22:56:45 +0200 | [diff] [blame] | 117 | // Check for message limits |
| 118 | if (limits[id]-- < 0) { |
Akron | e8e2c95 | 2018-07-04 13:43:12 +0200 | [diff] [blame] | 119 | |
| 120 | // Kill widget |
Akron | c0a2da8 | 2018-07-04 15:27:37 +0200 | [diff] [blame] | 121 | KorAP.log(0, 'Suspicious action by widget', widget.src); |
Akron | 76dd8d3 | 2018-07-06 09:30:22 +0200 | [diff] [blame] | 122 | this.closeWidget(widget); |
Akron | a99315e | 2018-07-03 22:56:45 +0200 | [diff] [blame] | 123 | return; |
| 124 | }; |
Akron | a6c32b9 | 2018-07-02 18:39:42 +0200 | [diff] [blame] | 125 | |
Akron | 479994e | 2018-07-02 13:21:44 +0200 | [diff] [blame] | 126 | // Resize the iframe |
| 127 | if (d.action === 'resize') { |
Akron | a6c32b9 | 2018-07-02 18:39:42 +0200 | [diff] [blame] | 128 | widget.resize(d); |
Akron | 479994e | 2018-07-02 13:21:44 +0200 | [diff] [blame] | 129 | } |
| 130 | |
| 131 | // Log message from iframe |
| 132 | else if (d.action === 'log') { |
Akron | c0a2da8 | 2018-07-04 15:27:37 +0200 | [diff] [blame] | 133 | KorAP.log(d.code, d.msg, widget.src); |
Akron | a6c32b9 | 2018-07-02 18:39:42 +0200 | [diff] [blame] | 134 | }; |
| 135 | |
| 136 | // TODO: |
| 137 | // Close |
Akron | 479994e | 2018-07-02 13:21:44 +0200 | [diff] [blame] | 138 | }, |
| 139 | |
Akron | 76dd8d3 | 2018-07-06 09:30:22 +0200 | [diff] [blame] | 140 | // Close the widget |
| 141 | closeWidget : function (widget) { |
| 142 | delete limits[widget.id]; |
| 143 | delete widgets[widget.id]; |
| 144 | widget.shutdown(); |
| 145 | |
| 146 | // Remove listeners in case no widget |
| 147 | // is available any longer |
| 148 | if (Object.keys(limits).length == 0) |
| 149 | this._removeListener(); |
| 150 | }, |
| 151 | |
Akron | a6c32b9 | 2018-07-02 18:39:42 +0200 | [diff] [blame] | 152 | // Get a random identifier |
| 153 | _randomID : function () { |
| 154 | return randomID(20); |
Akron | b43c8c6 | 2018-07-04 18:27:28 +0200 | [diff] [blame] | 155 | }, |
| 156 | |
Akron | 76dd8d3 | 2018-07-06 09:30:22 +0200 | [diff] [blame] | 157 | // Remove the listener |
| 158 | _removeListener : function () { |
| 159 | window.clearInterval(this._timer); |
| 160 | this._timer = undefined; |
| 161 | window.removeEventListener("message", this._listener); |
| 162 | this._listener = undefined; |
| 163 | }, |
| 164 | |
Akron | b43c8c6 | 2018-07-04 18:27:28 +0200 | [diff] [blame] | 165 | // Destructor, just for testing scenarios |
| 166 | destroy : function () { |
| 167 | limits = {}; |
| 168 | widgets = {}; |
Akron | 76dd8d3 | 2018-07-06 09:30:22 +0200 | [diff] [blame] | 169 | this._removeListener(); |
Akron | 479994e | 2018-07-02 13:21:44 +0200 | [diff] [blame] | 170 | } |
| 171 | } |
| 172 | }); |