From 0f16e518ff6c0a1edc33fd36fdc9d7ef3d3e732a Mon Sep 17 00:00:00 2001 From: John McLear Date: Mon, 22 Feb 2021 09:10:02 +0000 Subject: [PATCH] api: drop JSONP (#4835) * api: drop JSONP * docs: drop JSONP * tests: drop JSONP * api: remove isValidJSONPName require --- doc/api/http_api.md | 8 -- src/node/hooks/express/isValidJSONPName.js | 85 ---------------------- src/node/hooks/express/openapi.js | 7 -- src/tests/backend/specs/api/api.js | 9 --- 4 files changed, 109 deletions(-) delete mode 100644 src/node/hooks/express/isValidJSONPName.js diff --git a/doc/api/http_api.md b/doc/api/http_api.md index 0cfc85a07..9cab7f56b 100644 --- a/doc/api/http_api.md +++ b/doc/api/http_api.md @@ -134,13 +134,6 @@ Authentication works via a token that is sent with each request as a post parame All functions will also be available through a node module accessible from other node.js applications. -### JSONP - -The API provides _JSONP_ support to allow requests from a server in a different domain. -Simply add `&jsonp=?` to the API call. - -Example usage: https://api.jquery.com/jQuery.getJSON/ - ## API Methods ### Groups @@ -636,4 +629,3 @@ get stats of the etherpad instance *Example returns* * `{"code":0,"message":"ok","data":{"totalPads":3,"totalSessions": 2,"totalActivePads": 1}}` - diff --git a/src/node/hooks/express/isValidJSONPName.js b/src/node/hooks/express/isValidJSONPName.js deleted file mode 100644 index c8ca5bea1..000000000 --- a/src/node/hooks/express/isValidJSONPName.js +++ /dev/null @@ -1,85 +0,0 @@ -'use strict'; - -const RESERVED_WORDS = [ - 'abstract', - 'arguments', - 'await', - 'boolean', - 'break', - 'byte', - 'case', - 'catch', - 'char', - 'class', - 'const', - 'continue', - 'debugger', - 'default', - 'delete', - 'do', - 'double', - 'else', - 'enum', - 'eval', - 'export', - 'extends', - 'false', - 'final', - 'finally', - 'float', - 'for', - 'function', - 'goto', - 'if', - 'implements', - 'import', - 'in', - 'instanceof', - 'int', - 'interface', - 'let', - 'long', - 'native', - 'new', - 'null', - 'package', - 'private', - 'protected', - 'public', - 'return', - 'short', - 'static', - 'super', - 'switch', - 'synchronized', - 'this', - 'throw', - 'throws', - 'transient', - 'true', - 'try', - 'typeof', - 'var', - 'void', - 'volatile', - 'while', - 'with', - 'yield', -]; - -const regex = /^[a-zA-Z_$][0-9a-zA-Z_$]*(?:\[(?:".+"|'.+'|\d+)\])*?$/; - -module.exports.check = (inputStr) => { - let isValid = true; - inputStr.split('.').forEach((part) => { - if (!regex.test(part)) { - isValid = false; - } - - if (RESERVED_WORDS.indexOf(part) !== -1) { - isValid = false; - } - }); - - return isValid; -}; diff --git a/src/node/hooks/express/openapi.js b/src/node/hooks/express/openapi.js index 4dc335cee..c4c1ccf5c 100644 --- a/src/node/hooks/express/openapi.js +++ b/src/node/hooks/express/openapi.js @@ -22,7 +22,6 @@ const createHTTPError = require('http-errors'); const apiHandler = require('../../handler/APIHandler'); const settings = require('../../utils/Settings'); -const isValidJSONPName = require('./isValidJSONPName'); const log4js = require('log4js'); const logger = log4js.getLogger('API'); @@ -686,12 +685,6 @@ exports.expressCreateServer = (hookName, args, cb) => { } } - // support jsonp response format - if (req.query.jsonp && isValidJSONPName.check(req.query.jsonp)) { - res.header('Content-Type', 'application/javascript'); - response = `${req.query.jsonp}(${JSON.stringify(response)})`; - } - // send response return res.send(response); }); diff --git a/src/tests/backend/specs/api/api.js b/src/tests/backend/specs/api/api.js index cd8506519..d05a9989d 100644 --- a/src/tests/backend/specs/api/api.js +++ b/src/tests/backend/specs/api/api.js @@ -56,13 +56,4 @@ describe(__filename, function () { }); }); - it('supports jsonp calls', async function () { - this.timeout(150); - await agent.get(`${endPoint('createPad')}&jsonp=jsonp_1&padID=${testPadId}`) - .expect(200) - .expect('Content-Type', /javascript/) - .expect((res) => { - if (!res.text.match('jsonp_1')) throw new Error('no jsonp call seen'); - }); - }); });