* Create a function that can check a URL's origin against a list of allowed/whitelisted origins. * The current location's origin is implicitly trusted. * * @param {string[]} whitelistedOriginUrls - A list of URLs (strings), whose origins are trusted. * * @returns {Function} - A function that re
(whitelistedOriginUrls)
| 20972 | * whether it is of an allowed origin. |
| 20973 | */ |
| 20974 | function urlIsAllowedOriginFactory(whitelistedOriginUrls) { |
| 20975 | var parsedAllowedOriginUrls = [originUrl].concat(whitelistedOriginUrls.map(urlResolve)); |
| 20976 | |
| 20977 | /** |
| 20978 | * Check whether the specified URL (string or parsed URL object) has an origin that is allowed |
| 20979 | * based on a list of whitelisted-origin URLs. The current location's origin is implicitly |
| 20980 | * trusted. |
| 20981 | * |
| 20982 | * @param {string|Object} requestUrl - The URL to be checked (provided as a string that will be |
| 20983 | * resolved or a parsed URL object). |
| 20984 | * |
| 20985 | * @returns {boolean} - Whether the specified URL is of an allowed origin. |
| 20986 | */ |
| 20987 | return function urlIsAllowedOrigin(requestUrl) { |
| 20988 | var parsedUrl = urlResolve(requestUrl); |
| 20989 | return parsedAllowedOriginUrls.some(urlsAreSameOrigin.bind(null, parsedUrl)); |
| 20990 | }; |
| 20991 | } |
| 20992 | |
| 20993 | /** |
| 20994 | * Determine if two URLs share the same origin. |
no test coverage detected