Akron | 479994e | 2018-07-02 13:21:44 +0200 | [diff] [blame] | 1 | /** |
| 2 | * The plugin system is based |
| 3 | * on registered widgets (iframes) from |
| 4 | * foreign services. |
| 5 | * The server component spawns new iframes and |
| 6 | * listens to them. |
| 7 | * |
| 8 | * @author Nils Diewald |
| 9 | */ |
| 10 | |
Akron | a6c32b9 | 2018-07-02 18:39:42 +0200 | [diff] [blame] | 11 | define(["plugin/widget", "util"], function (widgetClass) { |
Akron | 479994e | 2018-07-02 13:21:44 +0200 | [diff] [blame] | 12 | "use strict"; |
| 13 | |
Akron | a6c32b9 | 2018-07-02 18:39:42 +0200 | [diff] [blame] | 14 | // Contains all widgets to address with |
| 15 | // messages to them |
| 16 | var widgets = {}; |
| 17 | |
Akron | e8e2c95 | 2018-07-04 13:43:12 +0200 | [diff] [blame] | 18 | // This is a counter to limit acceptable incoming messages |
| 19 | // to a certain amount. For every message, this counter will |
| 20 | // be decreased (down to 0), for every second this will be |
| 21 | // increased (up to 100). |
| 22 | // Once a widget surpasses the limit, it will be killed |
| 23 | // and called suspicious. |
| 24 | var maxMessages = 100; |
| 25 | var limits = {}; |
| 26 | |
| 27 | // TODO: |
| 28 | // It may be useful to establish a watcher that pings |
| 29 | // all widgets every second to see if it is still alive. |
| 30 | |
Akron | 479994e | 2018-07-02 13:21:44 +0200 | [diff] [blame] | 31 | return { |
| 32 | |
| 33 | /** |
| 34 | * Create new plugin management system |
| 35 | */ |
| 36 | create : function () { |
| 37 | return Object.create(this)._init(); |
| 38 | }, |
| 39 | |
| 40 | /* |
| 41 | * Initialize the plugin manager by establishing |
| 42 | * the global 'message' hook. |
| 43 | */ |
| 44 | _init : function () { |
| 45 | |
Akron | e8e2c95 | 2018-07-04 13:43:12 +0200 | [diff] [blame] | 46 | // TODO: |
| 47 | // It is better to establish the listener |
| 48 | // only in case there is a widget |
| 49 | |
Akron | 479994e | 2018-07-02 13:21:44 +0200 | [diff] [blame] | 50 | var that = this; |
| 51 | window.addEventListener("message", function (e) { |
| 52 | that._receiveMsg(e); |
| 53 | }); |
Akron | a99315e | 2018-07-03 22:56:45 +0200 | [diff] [blame] | 54 | |
| 55 | // Every second increase the limits of all registered widgets |
| 56 | var myTimer = setInterval(function () { |
| 57 | for (var i in limits) { |
| 58 | if (limits[i]++ >= maxMessages) { |
| 59 | limits[i] = maxMessages; |
| 60 | } |
| 61 | } |
| 62 | }, 1000); |
Akron | 479994e | 2018-07-02 13:21:44 +0200 | [diff] [blame] | 63 | return this; |
| 64 | }, |
| 65 | |
| 66 | /** |
Akron | e8e2c95 | 2018-07-04 13:43:12 +0200 | [diff] [blame] | 67 | * Open a new widget as a child to a certain element |
Akron | 479994e | 2018-07-02 13:21:44 +0200 | [diff] [blame] | 68 | */ |
| 69 | addWidget : function (element, src) { |
| 70 | |
Akron | a6c32b9 | 2018-07-02 18:39:42 +0200 | [diff] [blame] | 71 | // Create a unique random ID per widget |
| 72 | var id = 'id-' + this._randomID(); |
| 73 | |
| 74 | // Create a new widget |
| 75 | var widget = widgetClass.create(src, id); |
| 76 | |
| 77 | // Store the widget based on the identifier |
| 78 | widgets[id] = widget; |
Akron | a99315e | 2018-07-03 22:56:45 +0200 | [diff] [blame] | 79 | limits[id] = maxMessages; |
Akron | a6c32b9 | 2018-07-02 18:39:42 +0200 | [diff] [blame] | 80 | |
| 81 | // Open widget in frontend |
| 82 | element.appendChild( |
| 83 | widget.element() |
| 84 | ); |
Akron | 479994e | 2018-07-02 13:21:44 +0200 | [diff] [blame] | 85 | }, |
| 86 | |
Akron | e8e2c95 | 2018-07-04 13:43:12 +0200 | [diff] [blame] | 87 | // Receive a call from an embedded iframe. |
| 88 | // The handling needs to be very careful, |
| 89 | // as this can easily become a security nightmare. |
Akron | 479994e | 2018-07-02 13:21:44 +0200 | [diff] [blame] | 90 | _receiveMsg : function (e) { |
| 91 | // Get event data |
| 92 | var d = e.data; |
| 93 | |
Akron | a99315e | 2018-07-03 22:56:45 +0200 | [diff] [blame] | 94 | // If no data given - fail |
| 95 | // (probably check that it's an assoc array) |
| 96 | if (!d) |
| 97 | return; |
| 98 | |
| 99 | // e.origin is probably set and okay - CHECK! |
Akron | 479994e | 2018-07-02 13:21:44 +0200 | [diff] [blame] | 100 | |
Akron | a99315e | 2018-07-03 22:56:45 +0200 | [diff] [blame] | 101 | // Get origin ID |
| 102 | var id = d["originID"]; |
| 103 | |
| 104 | // If no origin ID given - fail |
| 105 | if (!id) |
| 106 | return; |
| 107 | |
Akron | a6c32b9 | 2018-07-02 18:39:42 +0200 | [diff] [blame] | 108 | // Get the widget |
Akron | a99315e | 2018-07-03 22:56:45 +0200 | [diff] [blame] | 109 | var widget = widgets[id]; |
Akron | a6c32b9 | 2018-07-02 18:39:42 +0200 | [diff] [blame] | 110 | |
| 111 | // If the addressed widget does not exist - fail |
| 112 | if (!widget) |
| 113 | return; |
| 114 | |
Akron | a99315e | 2018-07-03 22:56:45 +0200 | [diff] [blame] | 115 | // Check for message limits |
| 116 | if (limits[id]-- < 0) { |
Akron | e8e2c95 | 2018-07-04 13:43:12 +0200 | [diff] [blame] | 117 | |
| 118 | // Kill widget |
Akron | c0a2da8 | 2018-07-04 15:27:37 +0200 | [diff] [blame] | 119 | KorAP.log(0, 'Suspicious action by widget', widget.src); |
Akron | a99315e | 2018-07-03 22:56:45 +0200 | [diff] [blame] | 120 | widget.shutdown(); |
| 121 | delete limits[id]; |
| 122 | delete widgets[id]; |
| 123 | return; |
| 124 | }; |
Akron | a6c32b9 | 2018-07-02 18:39:42 +0200 | [diff] [blame] | 125 | |
Akron | 479994e | 2018-07-02 13:21:44 +0200 | [diff] [blame] | 126 | // Resize the iframe |
| 127 | if (d.action === 'resize') { |
Akron | a6c32b9 | 2018-07-02 18:39:42 +0200 | [diff] [blame] | 128 | widget.resize(d); |
Akron | 479994e | 2018-07-02 13:21:44 +0200 | [diff] [blame] | 129 | } |
| 130 | |
| 131 | // Log message from iframe |
| 132 | else if (d.action === 'log') { |
Akron | c0a2da8 | 2018-07-04 15:27:37 +0200 | [diff] [blame] | 133 | KorAP.log(d.code, d.msg, widget.src); |
Akron | a6c32b9 | 2018-07-02 18:39:42 +0200 | [diff] [blame] | 134 | }; |
| 135 | |
| 136 | // TODO: |
| 137 | // Close |
Akron | 479994e | 2018-07-02 13:21:44 +0200 | [diff] [blame] | 138 | }, |
| 139 | |
Akron | a6c32b9 | 2018-07-02 18:39:42 +0200 | [diff] [blame] | 140 | // Get a random identifier |
| 141 | _randomID : function () { |
| 142 | return randomID(20); |
Akron | 479994e | 2018-07-02 13:21:44 +0200 | [diff] [blame] | 143 | } |
| 144 | } |
| 145 | }); |