Merge pull request #156 from pe4cey/remove-enterprise-check-for-remot…

…e-guides Respect whitelisted remote guides hosts from server regardless of ser…
neo4j · May 5, 2016 · 4fabf3c · 4fabf3c
2 parents 0daf172 + a0ca798
commit 4fabf3c
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 17 deletions.
diff --git a/app/scripts/init/commandInterpreters.coffee b/app/scripts/init/commandInterpreters.coffee
@@ -142,7 +142,7 @@ angular.module('neo4jApp')
             is_remote = yes
             url = input[('play'.length+2)..]
             host = url.match(/^(https?:\/\/[^\/]+)/)[1]
-            host_ok = Utils.hostIsAllowed host, $rootScope.kernel['browser.remote_content_hostname_whitelist'], $rootScope.neo4j.enterpriseEdition
+            host_ok = Utils.hostIsAllowed host, $rootScope.kernel['browser.remote_content_hostname_whitelist']
           else
             topic = topicalize(clean_url) or 'start'
             url = "content/guides/#{topic}.html"

diff --git a/lib/helpers.coffee b/lib/helpers.coffee
@@ -142,10 +142,10 @@ class neo.helpers
     @stripNGAttributes = (string = '') ->
       string.replace(/(\s+(ng|data|x)[^\s=]*\s*=\s*("[^"]*"|'[^']*'|[\w\-.:]+\s*))/ig, '')
 
-    @hostIsAllowed = (hostname, whitelist, is_enterprise) ->
-      return true if is_enterprise and (not whitelist or whitelist is '*')
-      whitelisted_hosts = if is_enterprise then whitelist.split(",") else ['http://guides.neo4j.com', 'https://guides.neo4j.com', 'http://localhost', 'https://localhost']
-      hostname in whitelisted_hosts     
+    @hostIsAllowed = (hostname, whitelist) ->
+      return true if whitelist is '*'
+      whitelisted_hosts = if whitelist? and whitelist isnt '' then whitelist.split(",") else ['http://guides.neo4j.com', 'https://guides.neo4j.com', 'http://localhost', 'https://localhost']
+      hostname in whitelisted_hosts
 
     @getBrowserName = ->
       return 'Opera' if !!window.opera || navigator.userAgent.indexOf(' OPR/') >= 0

diff --git a/test/spec/other/utils.coffee b/test/spec/other/utils.coffee
@@ -118,20 +118,16 @@ describe 'Utils', () ->
     text = 'hello<script>alert(1)</script> <p onclick="alert(1)" ng-show=\'false\'>xxx</p>'
     expect(Utils.cleanHTML text).toBe 'hello <p>xxx</p>'
 
-  it 'should respect whitelist for enterprise edition', ->
+  it 'should respect whitelist from server', ->
     host = 'http://first.com'
     whitelist = 'http://second.com,http://third.com'
-    expect(Utils.hostIsAllowed host, '*', yes).toBe yes
-    expect(Utils.hostIsAllowed host, host, yes).toBe yes
-    expect(Utils.hostIsAllowed host, whitelist, yes).toBe no
-
-  it 'should ignore whitelist for non enterprise editions', ->
-    host = 'http://first.com'
-    whitelist = 'http://second.com,http://third.com'
-    expect(Utils.hostIsAllowed host, '*', no).toBe no
-    expect(Utils.hostIsAllowed host, host, no).toBe no
-    expect(Utils.hostIsAllowed host, whitelist, no).toBe no
-    expect(Utils.hostIsAllowed 'http://guides.neo4j.com', whitelist, no).toBe yes
+    expect(Utils.hostIsAllowed host, '*').toBe yes
+    expect(Utils.hostIsAllowed host, null).toBe no
+    expect(Utils.hostIsAllowed host, '').toBe no
+    expect(Utils.hostIsAllowed host, host).toBe yes
+    expect(Utils.hostIsAllowed host, whitelist).toBe no
+    expect(Utils.hostIsAllowed 'http://guides.neo4j.com', null).toBe yes
+    expect(Utils.hostIsAllowed 'http://guides.neo4j.com', '').toBe yes
 
   it 'should merge two arrays with documents without duplicates', ->
     arr1 = [getDocument('MATCH (n) RETURN n'), getDocument('//My script\nRETURN "me"')]