EventSource* EventSource::create(ExecutionContext* context, const String& url, const EventSourceInit& eventSourceInit, ExceptionState& exceptionState)
{
if (url.isEmpty()) {
exceptionState.throwDOMException(SyntaxError, "Cannot open an EventSource to an empty URL.");
return nullptr;
}
KURL fullURL = context->completeURL(url);
if (!fullURL.isValid()) {
exceptionState.throwDOMException(SyntaxError, "Cannot open an EventSource to '" + url + "'. The URL is invalid.");
return nullptr;
}
// FIXME: Convert this to check the isolated world's Content Security Policy once webkit.org/b/104520 is solved.
if (!ContentSecurityPolicy::shouldBypassMainWorld(context) && !context->contentSecurityPolicy()->allowConnectToSource(fullURL)) {
// We can safely expose the URL to JavaScript, as this exception is generate synchronously before any redirects take place.
exceptionState.throwSecurityError("Refused to connect to '" + fullURL.elidedString() + "' because it violates the document's Content Security Policy.");
return nullptr;
}
EventSource* source = new EventSource(context, fullURL, eventSourceInit);
source->scheduleInitialConnect();
source->suspendIfNeeded();
return source;
}
EventSource* EventSource::create(const String& url, IEventSourceReceiver* receiver, const Hashtable<String,String>& eventSourceInit )
{
LOG(TRACE) + "Creating EventSource with URL: " + url;
if (url.empty()) {
return 0;
}
String fullUrl(
(url.find("://")==String::npos)?
(RHODESAPP().getCurrentUrl(-1) + url):
(url)
);
LOG(TRACE) + "Full URL for EventSource: " + fullUrl;
EventSource* source = new EventSource(fullUrl, receiver, eventSourceInit);
source->scheduleInitialConnect();
return source;
}