polling-jsonp.js (1660B)
1 2 /** 3 * Module dependencies. 4 */ 5 6 var Polling = require('./polling'); 7 var qs = require('querystring'); 8 var rDoubleSlashes = /\\\\n/g; 9 var rSlashes = /(\\)?\\n/g; 10 var util = require('util'); 11 12 /** 13 * Module exports. 14 */ 15 16 module.exports = JSONP; 17 18 /** 19 * JSON-P polling transport. 20 * 21 * @api public 22 */ 23 24 function JSONP (req) { 25 Polling.call(this, req); 26 27 this.head = '___eio[' + (req._query.j || '').replace(/[^0-9]/g, '') + ']('; 28 this.foot = ');'; 29 } 30 31 /** 32 * Inherits from Polling. 33 */ 34 35 util.inherits(JSONP, Polling); 36 37 /** 38 * Handles incoming data. 39 * Due to a bug in \n handling by browsers, we expect a escaped string. 40 * 41 * @api private 42 */ 43 44 JSONP.prototype.onData = function (data) { 45 // we leverage the qs module so that we get built-in DoS protection 46 // and the fast alternative to decodeURIComponent 47 data = qs.parse(data).d; 48 if ('string' === typeof data) { 49 // client will send already escaped newlines as \\\\n and newlines as \\n 50 // \\n must be replaced with \n and \\\\n with \\n 51 data = data.replace(rSlashes, function (match, slashes) { 52 return slashes ? match : '\n'; 53 }); 54 Polling.prototype.onData.call(this, data.replace(rDoubleSlashes, '\\n')); 55 } 56 }; 57 58 /** 59 * Performs the write. 60 * 61 * @api private 62 */ 63 64 JSONP.prototype.doWrite = function (data, options, callback) { 65 // we must output valid javascript, not valid json 66 // see: http://timelessrepo.com/json-isnt-a-javascript-subset 67 var js = JSON.stringify(data) 68 .replace(/\u2028/g, '\\u2028') 69 .replace(/\u2029/g, '\\u2029'); 70 71 // prepare response 72 data = this.head + js + this.foot; 73 74 Polling.prototype.doWrite.call(this, data, options, callback); 75 };