Implement support for URL whitelisting

CHANGELOG.md

@@ -1,6 +1,8 @@
 ### Next release ###
 
 #### Features ####
+*   Implement support for URL whitelisting (Justin Case) [Issue #588]
+
 #### Bug fixes ####
 
 ### 1.8.1 ###

lib/capybara/poltergeist/browser.rb

@@ -324,6 +324,10 @@ module Capybara::Poltergeist
       end
     end
 
+    def url_whitelist=(whitelist)
+      command 'set_url_whitelist', *whitelist
+    end
+
     def url_blacklist=(blacklist)
       command 'set_url_blacklist', *blacklist
     end

lib/capybara/poltergeist/client/browser.coffee

@@ -481,6 +481,10 @@ class Poltergeist.Browser
     else
       command.sendResponse(false)
 
+  set_url_whitelist: ->
+    @currentPage.urlWhitelist = Array.prototype.slice.call(arguments)
+    @current_command.sendResponse(true)
+
   set_url_blacklist: ->
     @currentPage.urlBlacklist = Array.prototype.slice.call(arguments)
     @current_command.sendResponse(true)

lib/capybara/poltergeist/client/compiled/browser.js

@@ -653,6 +653,11 @@ Poltergeist.Browser = (function() {
     }
   };
 
+  Browser.prototype.set_url_whitelist = function() {
+    this.currentPage.urlWhitelist = Array.prototype.slice.call(arguments);
+    return this.current_command.sendResponse(true);
+  };
+
   Browser.prototype.set_url_blacklist = function() {
     this.currentPage.urlBlacklist = Array.prototype.slice.call(arguments);
     return this.current_command.sendResponse(true);

lib/capybara/poltergeist/client/compiled/web_page.js

@@ -20,6 +20,7 @@ Poltergeist.WebPage = (function() {
     this.source = null;
     this.closed = false;
     this.state = 'default';
+    this.urlWhitelist = [];
     this.urlBlacklist = [];
     this.frames = [];
     this.errors = [];
@@ -111,10 +112,21 @@ Poltergeist.WebPage = (function() {
   };
 
   WebPage.prototype.onResourceRequestedNative = function(request, net) {
-    var abort, ref2;
-    abort = this.urlBlacklist.some(function(blacklisted_url) {
+    var abort, blacklisted, ref2, useWhitelist, whitelisted;
+    useWhitelist = this.urlWhitelist.length > 0;
+    whitelisted = this.urlWhitelist.some(function(whitelisted_url) {
+      return request.url.indexOf(whitelisted_url) !== -1;
+    });
+    blacklisted = this.urlBlacklist.some(function(blacklisted_url) {
       return request.url.indexOf(blacklisted_url) !== -1;
     });
+    abort = false;
+    if (useWhitelist && !whitelisted) {
+      abort = true;
+    }
+    if (blacklisted) {
+      abort = true;
+    }
     if (abort) {
       if (ref2 = request.url, indexOf.call(this._blockedUrls, ref2) < 0) {
         this._blockedUrls.push(request.url);

lib/capybara/poltergeist/client/web_page.coffee

@@ -20,6 +20,7 @@ class Poltergeist.WebPage
     @source          = null
     @closed          = false
     @state           = 'default'
+    @urlWhitelist    = []
     @urlBlacklist    = []
     @frames          = []
     @errors          = []
@@ -78,9 +79,22 @@ class Poltergeist.WebPage
     return true
 
   onResourceRequestedNative: (request, net) ->
-    abort = @urlBlacklist.some (blacklisted_url) ->
+    useWhitelist = @urlWhitelist.length > 0
+
+    whitelisted = @urlWhitelist.some (whitelisted_url) ->
+      request.url.indexOf(whitelisted_url) != -1
+
+    blacklisted = @urlBlacklist.some (blacklisted_url) ->
       request.url.indexOf(blacklisted_url) != -1
 
+    abort = false
+
+    if useWhitelist && !whitelisted
+      abort = true
+
+    if blacklisted
+      abort = true
+
     if abort
       @_blockedUrls.push request.url unless request.url in @_blockedUrls
       net.abort()

spec/integration/driver_spec.rb

@@ -811,6 +811,42 @@ module Capybara::Poltergeist
       end
     end
 
+    context 'whitelisting urls for resource requests' do
+      it 'allows whitelisted urls' do
+        @driver.browser.url_whitelist = ['url_whitelist', 'wanted']
+
+        @session.visit '/poltergeist/url_whitelist'
+
+        expect(@session.status_code).to eq(200)
+        expect(@session).to have_content('We are loading some wanted action here')
+        @session.within_frame 'framename' do
+          expect(@session).to have_content('We should see this.')
+        end
+      end
+
+      it 'blocks overruled urls' do
+        @driver.browser.url_whitelist = ['url_whitelist']
+        @driver.browser.url_blacklist = ['url_whitelist']
+
+        @session.visit '/poltergeist/url_whitelist'
+
+        expect(@session.status_code).to eq(nil)
+        expect(@session).not_to have_content('We are loading some wanted action here')
+      end
+
+      it 'allows urls when the whitelist is empty' do
+        @driver.browser.url_whitelist = []
+
+        @session.visit '/poltergeist/url_whitelist'
+
+        expect(@session.status_code).to eq(200)
+        expect(@session).to have_content('We are loading some wanted action here')
+        @session.within_frame 'framename' do
+          expect(@session).to have_content('We should see this.')
+        end
+      end
+    end
+
     context 'has ability to send keys' do
       before { @session.visit('/poltergeist/send_keys') }
 

spec/support/views/url_whitelist.erb

@@ -0,0 +1,9 @@
+<!DOCTYPE html>
+<html>
+  <body>
+    We are loading some wanted action here.
+    <iframe src="/poltergeist/wanted" name="framename"></iframe>
+    <img src="/poltergeist/wanted" style="height:100px;width:100px;" />
+    <script src="/poltergeist/wanted" />
+  </body>
+</html>

spec/support/views/wanted.erb

@@ -0,0 +1,6 @@
+<!DOCTYPE html>
+<html>
+  <body>
+    We should see this.
+  </body>
+</html>