ÿØÿà JFIF    ÿÛ „  ( %"1!%)+...383,7(-.+  -+++--++++---+-+-----+---------------+---+-++7-----ÿÀ  ß â" ÿÄ     ÿÄ H    !1AQaq"‘¡2B±ÁÑð#R“Ò Tbr‚²á3csƒ’ÂñDS¢³$CÿÄ   ÿÄ %  !1AQa"23‘ÿÚ   ? ôÿ ¨pŸªáÿ —åYõõ\?àÒü©ŠÄï¨pŸªáÿ —åYõõ\?àÓü©ŠÄá 0Ÿªáÿ Ÿå[úƒ ú®ði~TÁbqÐ8OÕpÿ ƒOò¤Oè`–RÂáœá™êi€ßÉ< FtŸI“öÌ8úDf´°å}“¾œ6  öFá°y¥jñÇh†ˆ¢ã/ÃÐ:ªcÈ "Y¡ðÑl>ÿ ”ÏËte:qž\oäŠe÷󲍷˜HT4&ÿ ÓÐü6ö®¿øþßèô Ÿ•7Ñi’•j|“ñì>b…þS?*Óôÿ ÓÐü*h¥£ír¶ü UãSç‚Ÿ[AÐaè[ûª•õ&õj?†Éö+EzP—WeÒírJFt ‘BŒ†Ï‡%#tE Øz ¥OÛ«!1›üä±Í™%ºÍãö]°î(–:@<‹ŒÊö×òÆt¦ãº+‡¦%ÌÁ²h´OƒJŒtMÜ>ÀÜÊw3Y´•牋4ǍýʏTì>œú=Íwhyë,¾Ôò×õ¿ßÊa»«þˆѪQ|%6ž™A õ%:øj<>É—ÿ Å_ˆCbõ¥š±ý¯Ýƒï…¶|RëócÍf溪“t.СøTÿ *Ä¿-{†çàczůŽ_–^XþŒ±miB[X±d 1,é”zEù»& î9gœf™9Ð'.;—™i}!ôšåîqêÛ٤ёý£½ÆA–àôe"A$˝Úsäÿ ÷Û #°xŸëí(l »ý3—¥5m! rt`†0~'j2(]S¦¦kv,ÚÇ l¦øJA£Šƒ J3E8ÙiŽ:cÉžúeZ°€¯\®kÖ(79«Ž:¯X”¾³Š&¡* ….‰Ž(ÜíŸ2¥ª‡×Hi²TF¤ò[¨íÈRëÉ䢍mgÑ.Ÿ<öäS0í„ǹÁU´f#Vß;Õ–…P@3ío<ä-±»Ž.L|kªÀê›fÂ6@»eu‚|ÓaÞÆŸ…¨ááå>åŠ?cKü6ùTÍÆ”†sĤÚ;H2RÚ†õ\Ö·Ÿn'¾ ñ#ºI¤Å´%çÁ­‚â7›‹qT3Iï¨ÖÚ5I7Ë!ÅOóŸ¶øÝñØôת¦$Tcö‘[«Ö³šÒ';Aþ ¸èíg A2Z"i¸vdÄ÷.iõ®§)¿]¤À†–‡É&ä{V¶iŽ”.Ó×Õÿ û?h¬Mt–íª[ÿ Ñÿ ÌV(í}=ibÔ¡›¥¢±b Lô¥‡piη_Z<‡z§èŒ)iÖwiÇ 2hÙ3·=’d÷8éŽ1¦¸c¤µ€7›7Ø ð\á)} ¹fËí›pAÃL%âc2 í§æQz¿;T8sæ°qø)QFMð‰XŒÂ±N¢aF¨…8¯!U  Z©RÊ ÖPVÄÀÍin™Ì-GˆªÅËŠ›•zË}º±ŽÍFò¹}Uw×#ä5B¤{î}Ð<ÙD é©¤&‡ïDbàÁôMÁ." ¤‡ú*õ'VŽ|¼´Úgllº¼klz[Æüï÷Aób‡Eÿ dÑ»Xx9ÃÜ£ÁT/`¼¸vI±Ýµ·Ë‚“G³þ*Ÿû´r|*}<¨îºœ @¦mÄ’M¹”.œ«Y–|6ÏU¤jç¥ÕÞqO ˜kDÆÁ¨5ÿ š;Њ¦¦€GÙk \ –Þ=â¼=SͧµªS°ÚÍpÜãQűÀõ¬?ÃÁ1Ñ•õZà?hóœ€ L¦l{Y*K˜Ù›zc˜–ˆâ ø+¾ ­-Ök¥%ùEÜA'}ˆ><ÊIè“bpÍ/qÞâvoX€w,\úªò6Z[XdÒæ­@Ö—€$òJí#é>'°Ú ôª˜<)4ryÙ£|óAÅn5žêŸyÒäMÝ2{"}‰–¤l÷ûWX\l¾Á¸góÉOÔ /óñB¤f¸çñ[.P˜ZsÊË*ßT܈§QN¢’¡¨§V¼(Üù*eÕ“”5T¨‹Âê¥FŒã½Dü[8'Ò¥a…Ú¶k7a *•›¼'Ò·\8¨ª\@\õ¢¦íq+DÙrmÎ…_ªæ»ŠÓœ¡¯’Ré9MÅ×D™lælffc+ŒÑ,ý™ÿ ¯þǤ=Å’Á7µ÷ÚÛ/“Ü€ñýã¼àí¾ÕÑ+ƒ,uµMâÀÄbm:ÒÎPæ{˜Gz[ƒ¯«® KHà`ßØŠéí¯P8Aq.C‰ à€kòpj´kN¶qô€…Õ,ÜNŠª-­{Zö’æû44‰sŽè‰îVíRœÕm" 6?³D9¡ÇTíÅꋇ`4«¸ÝÁô ï’ýorqКÇZ«x4Žâéþuïf¹µö[P ,Q£éaX±`PÉÍZ ¸äYúg üAx ’6Lê‚xÝÓ*äQ  Ï’¨hÍ =²,6ï#rÃ<¯–£»ƒ‹,–ê•€ aÛsñ'%Æ"®ÛüìBᝠHÚ3ß°©$“XnœÖ’î2ËTeûìxîß ¦å¿çÉ ðK§þ{‘t‚Ϋ¬jéîZ[ ”š7L¥4VÚCE×]m¤Øy”ä4-dz£œ§¸x.*ãÊÊ b÷•h:©‡¦s`BTÁRû¾g⻩‹jø sF¢àJøFl‘È•Xᓁà~*j¯ +(ÚÕ6-£¯÷GŠØy‚<Ç’.F‹Hœw(+)ÜÜâÈzÄäT§FߘãÏ;DmVœ3Àu@mÚüXÝü•3B¨òÌÁÛ<·ÃÜ z,Ì@õÅ·d2]ü8s÷IôÞ¯^Ç9¢u„~ëAŸï4«M? K]­ÅàPl@s_ p:°¬ZR”´›JC[CS.h‹ƒïËœ«Æ]–÷ó‚wR×k7X‰k›‘´ù¦=¡«‰¨¨Â')—71ó’c‡Ðúµ `é.{§p¹ój\Ž{1h{o±Ý=áUÊïGÖŒõ–-BÄm+AZX¶¡ ïHðæ¥JmÙ;…ä¡Ÿˆ¦ ° äšiÉg«$üMk5¤L“’çÊvïâï ,=f“"íἊ5ô¬x6{ɏžID0e¸vçmi'︧ºð9$ò¹÷*£’9ÿ ²TÔ…×>JV¥}Œ}$p[bÔ®*[jzS*8 ”·T›Í–ñUîƒwo$áè=LT™ç—~ô·¤ÈÚ$榍q‰„+´kFm)ž‹©i–ËqÞŠ‰à¶ü( ‚•§ •°ò·‡#5ª•µÊ﯅¡X¨šÁ*F#TXJÊ ušJVÍ&=iÄs1‚3•'fý§5Ñ<=[íÞ­ PÚ;ѱÌ_~Ä££8rÞ ²w;’hDT°>ÈG¬8Á²ÚzŽ®ò®qZcqJêäÞ-ö[ܘbň±çb“Š¶31²n×iƒðÕ;1¶þÉ ªX‰,ßqÏ$>•î íZ¥Z 1{ç൵+ƒÕµ¥°T$§K]á»Ûï*·¤tMI’ÂZbŽÕiÒ˜}bÓ0£ª5›¨ [5Ž^ÝœWøÂÝh° ¢OWun£¤5 a2Z.G2³YL]jåtì”ä ÁÓ‘%"©<ÔúÊ°sº UZvä‡ÄiÆÒM .÷V·™ø#kèýiíÌ–ª)µT[)BˆõÑ xB¾B€ÖT¨.¥~ð@VĶr#¸ü*åZNDŽH;âi ],©£öØpù(šºãö¼T.uCê•4@ÿ GÕÛ)Cx›®0ø#:ÏðFÒbR\(€€Ä®fã4Þ‰Fä¯HXƒÅ,†öEÑÔÜ]Öv²?tLÃvBY£ú6Êu5ÅAQ³1‘’¬x–HŒÐ‡ ^ ¸KwJôÖŽ5×CÚ¨vÜ«/B0$×k°=ðbÇ(Ï)w±A†Á† 11Í=èQšµ626ŒÜ/`G«µ<}—-Ö7KEHÈÉðóȤmݱû±·ø«Snmá=“ä«šmݱŸ¡¶~ó·“äUóJæúòB|E LêŽy´jDÔ$G¢þÐñ7óR8ýÒ…Ç› WVe#·Ÿ p·Fx~•ݤF÷0Èÿ K¯æS<6’¡WШ; ´ÿ ¥Êø\Òuî†åÝ–VNœkÒ7oòX¨Á­Ø÷FÎÑä±g÷ÿ M~Çî=p,X´ ÝÌÚÅ‹’ÃjÖ.ØöÏñ qïQ¤ÓZE†° =6·]܈ s¸>v•Ž^Ý\wq9r‰Î\¸¡kURÒ$­*‹Nq?Þª*!sŠÆ:TU_u±T+øX¡ ®¹¡,ÄâÃBTsÜ$Ø›4m椴zÜK]’’›Pƒ @€#â˜`é¹=I‡fiV•Ôî“nRm+µFPOhÍ0B£ €+¬5c v•:P'ÒyÎ ‰V~‚Ó†ÖuókDoh$å\*ö%Ю=£«…aȼ½÷Û.-½VŒŠ¼'lyî±1¬3ó#ÞE¿ÔS¤gV£m›=§\û"—WU¤ÚǼÿ ÂnÁGŒÃ ‚õN D³õNÚíŒÕ;HôyÄÈ©P¹Ä{:?R‘Ô¨âF÷ø£bÅó® JS|‚R÷ivýáâ€Æé¡è³´IئÑT!§˜•Øª‚¬â@q€wnïCWÄ@JU€ê¯m6]Ï:£âx'+ÒðXvÓ¦Úm=–´7œ $ì“B£~p%ÕŸUþ« N@¼üï~w˜ñø5®—'Ôe»¤5ã//€ž~‰Tþ›Å7•#¤× Íö pÄ$ùeåì*«ÓŠEØWEÈsßg ¦ûvžSsLpºÊW–âµEWöˬH; ™!CYõZ ÃÄf æ#1W. \uWâ\,\Çf j’<qTbên›Î[vxx£ë 'ö¨1›˜ÀM¼Pÿ H)ƒêêŒA7s,|F“ 꺸k³9Ìö*ç®;Ö!Ö$Eiž•¹ÒÚ†ýóéÝû¾ÕS®ó$’NÝäŸz¤5r¦ãÄÃD÷Üø!°ø‡Ô&@m™Ì^Ãä­d q5Lnÿ N;.6½·N|#ä"1Nƒx“ã<3('&ñßt  ~ªu”1Tb㫨9ê–›–bìd$ߣ=#ÕãÒmU¯eí$EFù5ýYô櫨æ왍Ǘ±ssM]·á¿0ÕåJRÓªîiƒ+O58ÖñªŠÒx" \µâá¨i’¤i —Ö ” M+M¤ë9‚‰A¦°Qõ¾ßøK~¼Ã‘g…Ö´~÷Ï[3GUœÒ½#…kàÔ®Ò”‰³·dWV‰IP‰Ú8u¹”E ÖqLj¾êÕCBš{A^Âß;–¨`¯¬ìö ˼ ×tìø.tƐm*n¨y4o&Àx¥n¦×î‡aupáÛj8¿m›è¶ã!o½;ß0y^ý×^EÑ¿ÒjzŒ­)vÚÑnÄL …^ªô× ‡—‚3k Îý­hï]içå–îÏ*÷ñþ»Ô CÒjøjÍznˆ´ ¹#b'Fô‹ ‰v¥'’à'T´ƒHýÍ%M‰ ƒ&ÆÇŒï1 ‘ –Þ ‰i¬s žR-Ÿ kŠ¬á¬7:þ 0ŒÅÒÕ/aÙ¬ÃÝ#Úøœ ©aiVc‰. ¹¦ãµ” ›Yg¦›ÆÎýº°f³7ƒhá·¸­}&D9¡ÂsÉÙÞèŠõØàC™¨ñbFC|´Ü(ŸƒÚÒ-%»'a Ì¿)ËÇn¿úÿ ÞŽX…4ÊÅH^ôΑí@ù¹Eh¶“L8Çjù ¼ÎåVªóR©Ï5uà V4lZß®=€xÖŸ–ÑÈ ÷”¨°¾__yM1tÉ?uÆþIkÄgæ@þ[¢†°XÃJ£j·:nkÅ¢u ‘}âGzö­/IµèŠ¬¼48q¦F°ŽR¼=ûì{´¯RýicS ÕÛ íNtÍÙï£,w4rêì®»~x(©Uñ§#Ñ&œÕ¤>ÎåÍÓ9’Ö{9eV­[Öjâ²ãu]˜å2›qÑšÕJç0€sÄ|Êëè0튔bÁ>“{×_F`Ø©ºê:µä,v¤ðfc1±"«ÔÍän1#=· Âøv~H½ÐßA¾¿Ü€Óš]Õ; I¾÷ç‚Qi†î¹9ywÔKG˜áñ zQY—§ÃÕZ07§X‚ Áh;ÁM)iÌCH-¯T‘ë|A0{Ò½LÚ–TâÖkÜ’dÀ“rmm»”جPF³ÖcbE§T€ÒxKºû’Ó®7±²(\4ŽÃ¸Uu@j™yĵ;³µ!Á¢b.W¤=mõ´êµK k ¸K^ÜÛ#p*Ü14qkZç5ïë †°5Ï%ÍÛ<Õ¤×Ô¥ê†C Õ´¼ú$ƒÖ“”]Ù¬qÞÚ[4©ý!ûÏ—Áb쳐XµA¬â~`›Çr¸8ìùÝ䫦<>ä÷«?xs´ÇÑ /á;¹øüÊÈÙà{"@Žïzâ¬[âß‚ U_<ÇŸ½4èN˜ú61®qŠu ¦þF£»äJ_ˆÙÎ~ ÞAã–Ý„Ï—rŠD;xTž‘ô`É«…suãO`?³à™ô Lý#Íc5öoæØ‚y´´÷«ZR§<&JÇ+éâô´€i!Àˆ0æAoàðLèÖ-2ŸõW.’t^–(KÁmHµV@xÜÇy®Ñø­â^:Ú3w· 7½¹°ñ¸â¹®:',«Mœ—n­Á+Ãbš LÈ‘ÄnRÓÅœ%¦²‰¨ùQ:¤f‚ "PÕtô¸…cæl…&˜Ú˜Ôkv‹ž+vŠ,=¢v­6—Xy*¥t£«<™:“aîϲ=¦6rO]XI¿Œ÷¤zÚ­›¶ 6÷”w\d ü~v®ˆÌk«^m<ÿ ¢‰Õ\)ùºŽ;… lîÙÅEŠ®cѾ@vnMÏ,¼“ñ•ŽBxðÃzãÇç%3ˆ"}Ù•Åî> BÉú;Ò]V+P˜F_´ßé> Øše|ï‡ÄOmFæÇ ãqÞ$/xÐx­z`ï9"œÜij‚!7.\Td…9M‡•iŽ‹¾‘50ÞŽn¥ß4ÉôO ¹*í^QêËÜÇÌ8=Ž§s‰'ÂëÙ«á%Pú[O †ÅP¯VsŽ°.‰,kc¶ ¬A9n˜XÎ-ÞšN["¹QÕ‰ƒMýÁߺXJæÍaLj¾×Ãmã¾ãÚ uñÒþåQô¦¥ /ÄUx:‚ÍÜ’ Đ©ØÝ3V¨‰ÕnÐ6ó*óúK­«…c ¯U òhsý­jóÔj#,ímŒRµ«lbïUTŒÑ8†Ä0œÏr`ð¡¬É Ї ë"À² ™ 6¥ f¶ ¢ÚoܱԷ-<Àî)†a¶ž'Ú»¨TXqØæ¶÷YÄHy˜9ÈIW­YÀuMFë ºÏ’AqÌ4·/Ú †ô'i$øä­=Ä Ý|öK×40è|È6p‘0§)o¥ctî§H+CA-“ xØ|ÐXŠç l8íºð3Ø:³¤¬KX¯UÿÙ /** * XmlHttpRequest implementation that uses TLS and flash SocketPool. * * @author Dave Longley * * Copyright (c) 2010-2013 Digital Bazaar, Inc. */ var forge = require('./forge'); require('./socket'); require('./http'); /* XHR API */ var xhrApi = module.exports = forge.xhr = forge.xhr || {}; (function($) { // logging category var cat = 'forge.xhr'; /* XMLHttpRequest interface definition from: http://www.w3.org/TR/XMLHttpRequest interface XMLHttpRequest { // event handler attribute EventListener onreadystatechange; // state const unsigned short UNSENT = 0; const unsigned short OPENED = 1; const unsigned short HEADERS_RECEIVED = 2; const unsigned short LOADING = 3; const unsigned short DONE = 4; readonly attribute unsigned short readyState; // request void open(in DOMString method, in DOMString url); void open(in DOMString method, in DOMString url, in boolean async); void open(in DOMString method, in DOMString url, in boolean async, in DOMString user); void open(in DOMString method, in DOMString url, in boolean async, in DOMString user, in DOMString password); void setRequestHeader(in DOMString header, in DOMString value); void send(); void send(in DOMString data); void send(in Document data); void abort(); // response DOMString getAllResponseHeaders(); DOMString getResponseHeader(in DOMString header); readonly attribute DOMString responseText; readonly attribute Document responseXML; readonly attribute unsigned short status; readonly attribute DOMString statusText; }; */ // readyStates var UNSENT = 0; var OPENED = 1; var HEADERS_RECEIVED = 2; var LOADING = 3; var DONE = 4; // exceptions var INVALID_STATE_ERR = 11; var SYNTAX_ERR = 12; var SECURITY_ERR = 18; var NETWORK_ERR = 19; var ABORT_ERR = 20; // private flash socket pool vars var _sp = null; var _policyPort = 0; var _policyUrl = null; // default client (used if no special URL provided when creating an XHR) var _client = null; // all clients including the default, key'd by full base url // (multiple cross-domain http clients are permitted so there may be more // than one client in this map) // TODO: provide optional clean up API for non-default clients var _clients = {}; // the default maximum number of concurrents connections per client var _maxConnections = 10; var net = forge.net; var http = forge.http; /** * Initializes flash XHR support. * * @param options: * url: the default base URL to connect to if xhr URLs are relative, * ie: https://myserver.com. * flashId: the dom ID of the flash SocketPool. * policyPort: the port that provides the server's flash policy, 0 to use * the flash default. * policyUrl: the policy file URL to use instead of a policy port. * msie: true if browser is internet explorer, false if not. * connections: the maximum number of concurrent connections. * caCerts: a list of PEM-formatted certificates to trust. * cipherSuites: an optional array of cipher suites to use, * see forge.tls.CipherSuites. * verify: optional TLS certificate verify callback to use (see forge.tls * for details). * getCertificate: an optional callback used to get a client-side * certificate (see forge.tls for details). * getPrivateKey: an optional callback used to get a client-side private * key (see forge.tls for details). * getSignature: an optional callback used to get a client-side signature * (see forge.tls for details). * persistCookies: true to use persistent cookies via flash local storage, * false to only keep cookies in javascript. * primeTlsSockets: true to immediately connect TLS sockets on their * creation so that they will cache TLS sessions for reuse. */ xhrApi.init = function(options) { forge.log.debug(cat, 'initializing', options); // update default policy port and max connections _policyPort = options.policyPort || _policyPort; _policyUrl = options.policyUrl || _policyUrl; _maxConnections = options.connections || _maxConnections; // create the flash socket pool _sp = net.createSocketPool({ flashId: options.flashId, policyPort: _policyPort, policyUrl: _policyUrl, msie: options.msie || false }); // create default http client _client = http.createClient({ url: options.url || ( window.location.protocol + '//' + window.location.host), socketPool: _sp, policyPort: _policyPort, policyUrl: _policyUrl, connections: options.connections || _maxConnections, caCerts: options.caCerts, cipherSuites: options.cipherSuites, persistCookies: options.persistCookies || true, primeTlsSockets: options.primeTlsSockets || false, verify: options.verify, getCertificate: options.getCertificate, getPrivateKey: options.getPrivateKey, getSignature: options.getSignature }); _clients[_client.url.full] = _client; forge.log.debug(cat, 'ready'); }; /** * Called to clean up the clients and socket pool. */ xhrApi.cleanup = function() { // destroy all clients for(var key in _clients) { _clients[key].destroy(); } _clients = {}; _client = null; // destroy socket pool _sp.destroy(); _sp = null; }; /** * Sets a cookie. * * @param cookie the cookie with parameters: * name: the name of the cookie. * value: the value of the cookie. * comment: an optional comment string. * maxAge: the age of the cookie in seconds relative to created time. * secure: true if the cookie must be sent over a secure protocol. * httpOnly: true to restrict access to the cookie from javascript * (inaffective since the cookies are stored in javascript). * path: the path for the cookie. * domain: optional domain the cookie belongs to (must start with dot). * version: optional version of the cookie. * created: creation time, in UTC seconds, of the cookie. */ xhrApi.setCookie = function(cookie) { // default cookie expiration to never cookie.maxAge = cookie.maxAge || -1; // if the cookie's domain is set, use the appropriate client if(cookie.domain) { // add the cookies to the applicable domains for(var key in _clients) { var client = _clients[key]; if(http.withinCookieDomain(client.url, cookie) && client.secure === cookie.secure) { client.setCookie(cookie); } } } else { // use the default domain // FIXME: should a null domain cookie be added to all clients? should // this be an option? _client.setCookie(cookie); } }; /** * Gets a cookie. * * @param name the name of the cookie. * @param path an optional path for the cookie (if there are multiple cookies * with the same name but different paths). * @param domain an optional domain for the cookie (if not using the default * domain). * * @return the cookie, cookies (if multiple matches), or null if not found. */ xhrApi.getCookie = function(name, path, domain) { var rval = null; if(domain) { // get the cookies from the applicable domains for(var key in _clients) { var client = _clients[key]; if(http.withinCookieDomain(client.url, domain)) { var cookie = client.getCookie(name, path); if(cookie !== null) { if(rval === null) { rval = cookie; } else if(!forge.util.isArray(rval)) { rval = [rval, cookie]; } else { rval.push(cookie); } } } } } else { // get cookie from default domain rval = _client.getCookie(name, path); } return rval; }; /** * Removes a cookie. * * @param name the name of the cookie. * @param path an optional path for the cookie (if there are multiple cookies * with the same name but different paths). * @param domain an optional domain for the cookie (if not using the default * domain). * * @return true if a cookie was removed, false if not. */ xhrApi.removeCookie = function(name, path, domain) { var rval = false; if(domain) { // remove the cookies from the applicable domains for(var key in _clients) { var client = _clients[key]; if(http.withinCookieDomain(client.url, domain)) { if(client.removeCookie(name, path)) { rval = true; } } } } else { // remove cookie from default domain rval = _client.removeCookie(name, path); } return rval; }; /** * Creates a new XmlHttpRequest. By default the base URL, flash policy port, * etc, will be used. However, an XHR can be created to point at another * cross-domain URL. * * @param options: * logWarningOnError: If true and an HTTP error status code is received then * log a warning, otherwise log a verbose message. * verbose: If true be very verbose in the output including the response * event and response body, otherwise only include status, timing, and * data size. * logError: a multi-var log function for warnings that takes the log * category as the first var. * logWarning: a multi-var log function for warnings that takes the log * category as the first var. * logDebug: a multi-var log function for warnings that takes the log * category as the first var. * logVerbose: a multi-var log function for warnings that takes the log * category as the first var. * url: the default base URL to connect to if xhr URLs are relative, * eg: https://myserver.com, and note that the following options will be * ignored if the URL is absent or the same as the default base URL. * policyPort: the port that provides the server's flash policy, 0 to use * the flash default. * policyUrl: the policy file URL to use instead of a policy port. * connections: the maximum number of concurrent connections. * caCerts: a list of PEM-formatted certificates to trust. * cipherSuites: an optional array of cipher suites to use, see * forge.tls.CipherSuites. * verify: optional TLS certificate verify callback to use (see forge.tls * for details). * getCertificate: an optional callback used to get a client-side * certificate. * getPrivateKey: an optional callback used to get a client-side private key. * getSignature: an optional callback used to get a client-side signature. * persistCookies: true to use persistent cookies via flash local storage, * false to only keep cookies in javascript. * primeTlsSockets: true to immediately connect TLS sockets on their * creation so that they will cache TLS sessions for reuse. * * @return the XmlHttpRequest. */ xhrApi.create = function(options) { // set option defaults options = $.extend({ logWarningOnError: true, verbose: false, logError: function() {}, logWarning: function() {}, logDebug: function() {}, logVerbose: function() {}, url: null }, options || {}); // private xhr state var _state = { // the http client to use client: null, // request storage request: null, // response storage response: null, // asynchronous, true if doing asynchronous communication asynchronous: true, // sendFlag, true if send has been called sendFlag: false, // errorFlag, true if a network error occurred errorFlag: false }; // private log functions var _log = { error: options.logError || forge.log.error, warning: options.logWarning || forge.log.warning, debug: options.logDebug || forge.log.debug, verbose: options.logVerbose || forge.log.verbose }; // create public xhr interface var xhr = { // an EventListener onreadystatechange: null, // readonly, the current readyState readyState: UNSENT, // a string with the response entity-body responseText: '', // a Document for response entity-bodies that are XML responseXML: null, // readonly, returns the HTTP status code (i.e. 404) status: 0, // readonly, returns the HTTP status message (i.e. 'Not Found') statusText: '' }; // determine which http client to use if(options.url === null) { // use default _state.client = _client; } else { var url = http.parseUrl(options.url); if(!url) { var error = new Error('Invalid url.'); error.details = { url: options.url }; } // find client if(url.full in _clients) { // client found _state.client = _clients[url.full]; } else { // create client _state.client = http.createClient({ url: options.url, socketPool: _sp, policyPort: options.policyPort || _policyPort, policyUrl: options.policyUrl || _policyUrl, connections: options.connections || _maxConnections, caCerts: options.caCerts, cipherSuites: options.cipherSuites, persistCookies: options.persistCookies || true, primeTlsSockets: options.primeTlsSockets || false, verify: options.verify, getCertificate: options.getCertificate, getPrivateKey: options.getPrivateKey, getSignature: options.getSignature }); _clients[url.full] = _state.client; } } /** * Opens the request. This method will create the HTTP request to send. * * @param method the HTTP method (i.e. 'GET'). * @param url the relative url (the HTTP request path). * @param async always true, ignored. * @param user always null, ignored. * @param password always null, ignored. */ xhr.open = function(method, url, async, user, password) { // 1. validate Document if one is associated // TODO: not implemented (not used yet) // 2. validate method token // 3. change method to uppercase if it matches a known // method (here we just require it to be uppercase, and // we do not allow the standard methods) // 4. disallow CONNECT, TRACE, or TRACK with a security error switch(method) { case 'DELETE': case 'GET': case 'HEAD': case 'OPTIONS': case 'PATCH': case 'POST': case 'PUT': // valid method break; case 'CONNECT': case 'TRACE': case 'TRACK': throw new Error('CONNECT, TRACE and TRACK methods are disallowed'); default: throw new Error('Invalid method: ' + method); } // TODO: other validation steps in algorithm are not implemented // 19. set send flag to false // set response body to null // empty list of request headers // set request method to given method // set request URL // set username, password // set asychronous flag _state.sendFlag = false; xhr.responseText = ''; xhr.responseXML = null; // custom: reset status and statusText xhr.status = 0; xhr.statusText = ''; // create the HTTP request _state.request = http.createRequest({ method: method, path: url }); // 20. set state to OPENED xhr.readyState = OPENED; // 21. dispatch onreadystatechange if(xhr.onreadystatechange) { xhr.onreadystatechange(); } }; /** * Adds an HTTP header field to the request. * * @param header the name of the header field. * @param value the value of the header field. */ xhr.setRequestHeader = function(header, value) { // 1. if state is not OPENED or send flag is true, raise exception if(xhr.readyState != OPENED || _state.sendFlag) { throw new Error('XHR not open or sending'); } // TODO: other validation steps in spec aren't implemented // set header _state.request.setField(header, value); }; /** * Sends the request and any associated data. * * @param data a string or Document object to send, null to send no data. */ xhr.send = function(data) { // 1. if state is not OPENED or 2. send flag is true, raise // an invalid state exception if(xhr.readyState != OPENED || _state.sendFlag) { throw new Error('XHR not open or sending'); } // 3. ignore data if method is GET or HEAD if(data && _state.request.method !== 'GET' && _state.request.method !== 'HEAD') { // handle non-IE case if(typeof(XMLSerializer) !== 'undefined') { if(data instanceof Document) { var xs = new XMLSerializer(); _state.request.body = xs.serializeToString(data); } else { _state.request.body = data; } } else { // poorly implemented IE case if(typeof(data.xml) !== 'undefined') { _state.request.body = data.xml; } else { _state.request.body = data; } } } // 4. release storage mutex (not used) // 5. set error flag to false _state.errorFlag = false; // 6. if asynchronous is true (must be in this implementation) // 6.1 set send flag to true _state.sendFlag = true; // 6.2 dispatch onreadystatechange if(xhr.onreadystatechange) { xhr.onreadystatechange(); } // create send options var options = {}; options.request = _state.request; options.headerReady = function(e) { // make cookies available for ease of use/iteration xhr.cookies = _state.client.cookies; // TODO: update document.cookie with any cookies where the // script's domain matches // headers received xhr.readyState = HEADERS_RECEIVED; xhr.status = e.response.code; xhr.statusText = e.response.message; _state.response = e.response; if(xhr.onreadystatechange) { xhr.onreadystatechange(); } if(!_state.response.aborted) { // now loading body xhr.readyState = LOADING; if(xhr.onreadystatechange) { xhr.onreadystatechange(); } } }; options.bodyReady = function(e) { xhr.readyState = DONE; var ct = e.response.getField('Content-Type'); // Note: this null/undefined check is done outside because IE // dies otherwise on a "'null' is null" error if(ct) { if(ct.indexOf('text/xml') === 0 || ct.indexOf('application/xml') === 0 || ct.indexOf('+xml') !== -1) { try { var doc = new ActiveXObject('MicrosoftXMLDOM'); doc.async = false; doc.loadXML(e.response.body); xhr.responseXML = doc; } catch(ex) { var parser = new DOMParser(); xhr.responseXML = parser.parseFromString(ex.body, 'text/xml'); } } } var length = 0; if(e.response.body !== null) { xhr.responseText = e.response.body; length = e.response.body.length; } // build logging output var req = _state.request; var output = req.method + ' ' + req.path + ' ' + xhr.status + ' ' + xhr.statusText + ' ' + length + 'B ' + (e.request.connectTime + e.request.time + e.response.time) + 'ms'; var lFunc; if(options.verbose) { lFunc = (xhr.status >= 400 && options.logWarningOnError) ? _log.warning : _log.verbose; lFunc(cat, output, e, e.response.body ? '\n' + e.response.body : '\nNo content'); } else { lFunc = (xhr.status >= 400 && options.logWarningOnError) ? _log.warning : _log.debug; lFunc(cat, output); } if(xhr.onreadystatechange) { xhr.onreadystatechange(); } }; options.error = function(e) { var req = _state.request; _log.error(cat, req.method + ' ' + req.path, e); // 1. set response body to null xhr.responseText = ''; xhr.responseXML = null; // 2. set error flag to true (and reset status) _state.errorFlag = true; xhr.status = 0; xhr.statusText = ''; // 3. set state to done xhr.readyState = DONE; // 4. asyc flag is always true, so dispatch onreadystatechange if(xhr.onreadystatechange) { xhr.onreadystatechange(); } }; // 7. send request _state.client.send(options); }; /** * Aborts the request. */ xhr.abort = function() { // 1. abort send // 2. stop network activity _state.request.abort(); // 3. set response to null xhr.responseText = ''; xhr.responseXML = null; // 4. set error flag to true (and reset status) _state.errorFlag = true; xhr.status = 0; xhr.statusText = ''; // 5. clear user headers _state.request = null; _state.response = null; // 6. if state is DONE or UNSENT, or if OPENED and send flag is false if(xhr.readyState === DONE || xhr.readyState === UNSENT || (xhr.readyState === OPENED && !_state.sendFlag)) { // 7. set ready state to unsent xhr.readyState = UNSENT; } else { // 6.1 set state to DONE xhr.readyState = DONE; // 6.2 set send flag to false _state.sendFlag = false; // 6.3 dispatch onreadystatechange if(xhr.onreadystatechange) { xhr.onreadystatechange(); } // 7. set state to UNSENT xhr.readyState = UNSENT; } }; /** * Gets all response headers as a string. * * @return the HTTP-encoded response header fields. */ xhr.getAllResponseHeaders = function() { var rval = ''; if(_state.response !== null) { var fields = _state.response.fields; $.each(fields, function(name, array) { $.each(array, function(i, value) { rval += name + ': ' + value + '\r\n'; }); }); } return rval; }; /** * Gets a single header field value or, if there are multiple * fields with the same name, a comma-separated list of header * values. * * @return the header field value(s) or null. */ xhr.getResponseHeader = function(header) { var rval = null; if(_state.response !== null) { if(header in _state.response.fields) { rval = _state.response.fields[header]; if(forge.util.isArray(rval)) { rval = rval.join(); } } } return rval; }; return xhr; }; })(jQuery);