From 326aa8b45801298cafb13d4fd367cd240cfc4abc Mon Sep 17 00:00:00 2001
From: itozyun <itozyun@user.sourceforge.jp>
Date: Wed, 20 May 2015 06:45:41 +0900
Subject: [PATCH] Version 0.6.150, fix X.Net.

---
 0.6.x/js/01_core/05_XString.js   |  7 +++++
 0.6.x/js/06_net/00_XNet.js       | 28 +++++++++++++------
 0.6.x/js/06_net/01_XNetXHR.js    | 15 ++++++----
 0.6.x/js/06_net/02_XNetJSONP.js  |  2 +-
 0.6.x/js/06_net/05_XXHRGadget.js | 59 ++++++++++++++++++++++++++++++++--------
 0.6.x/js/06_net/10_XOAuth2.js    | 12 ++++----
 6 files changed, 91 insertions(+), 32 deletions(-)

diff --git a/0.6.x/js/01_core/05_XString.js b/0.6.x/js/01_core/05_XString.js
index c2dd44f..b77d19f 100644
--- a/0.6.x/js/01_core/05_XString.js
+++ b/0.6.x/js/01_core/05_XString.js
@@ -174,3 +174,10 @@ function X_String_serialize_buildParams( list, prefix, obj, traditional ) {
 		X_String_serialize_addParam( list, prefix, obj );
 	};
 };
+
+/*
+ * 信頼できる文字列だけに対して json 文字列のパースを行います
+ */
+function X_String_parseTrustedJsonString( jsonString ){
+	return window.JSON ? JSON.parse( jsonString ) : eval( '(' + jsonString + ')' );
+};
diff --git a/0.6.x/js/06_net/00_XNet.js b/0.6.x/js/06_net/00_XNet.js
index a97d45e..7d6393c 100644
--- a/0.6.x/js/06_net/00_XNet.js
+++ b/0.6.x/js/06_net/00_XNet.js
@@ -135,18 +135,20 @@ X[ 'Net' ] = X_EventDispatcher[ 'inherits' ](
 					return;
 				};
 				
+				opt = X_Object_deepCopy( opt );
+				opt.netType   = type;
+				opt[ 'url'  ] = url;				
+				
 				if( type === X_NET_TYPE_XHR ){
 					opt[ 'method' ] = opt[ 'method' ] || ( opt[ 'postdata' ] ? 'POST' : 'GET' );
 					
 					// XDomain 不可 -> Flash, Gears, Silverlight, canUseGadget なら gadget に切替?
 					// PUT DELETE UPDATE 不可 -> Flash, Gears, Silverlight, canUseGadget なら gadget に切替?
+					// xプロトコル な binary のロード -> gadget 内で proxyURL による XHR
 					//  or X_EVENT_ERROR
 					
-				};				
-				
-				opt = X_Object_deepCopy( opt );
-				opt.netType   = type;
-				opt[ 'url'  ] = url;
+					opt[ 'dataType' ] = opt[ 'dataType' ] || X_URL_getEXT( url );
+				};
 				
 				X_Pair_create( this, opt );
 				
@@ -216,7 +218,7 @@ function X_NET_proxyDispatch( e ){
 			if( flag ){ // flag が立つ場合、これは中断
 				this[ 'dispatch' ]( X_EVENT_CANCELED );
 				this[ 'dispatch' ]( { type : X_EVENT_COMPLETE, 'lastEventType' : X_EVENT_CANCELED } );
-				X_Pair_release( this );				
+				X_Pair_release( this );
 			};
 			break;			
 		case X_EVENT_PROGRESS :
@@ -225,8 +227,7 @@ function X_NET_proxyDispatch( e ){
 		
 		case X_EVENT_ERROR :
 			if( e.status === 401 ){
-				auth = X_Pair_get( this )[ 'auth' ];
-				if( auth ){
+				if( auth = X_Pair_get( this )[ 'auth' ] ){
 					X_Pair_get( auth ).onAuthError( auth );
 				};
 			};
@@ -270,7 +271,16 @@ function X_NET_shiftQueue(){
 			
 			// TODO (xProtocol |　method) & canUse -> gadget.io.makeRequset, flash
 			// force 'gadget', 'flash'
-			X_NET_currentWrapper = X_NET_XHRWrapper || X_TEMP.X_Net_XHR_init();
+			switch( X_NET_currentData[ 'test' ] ){
+				case 'gadget' :
+					X_NET_currentWrapper = X_NET_GIMRWrapper || X_TEMP.X_Net_GIMR_init();
+					break;
+				case 'flash'  :
+					break;
+				default :
+					X_NET_currentWrapper = X_NET_XHRWrapper || X_TEMP.X_Net_XHR_init();
+			};
+			
 			
 			// OAuth2
 			if( auth = X_NET_currentData[ 'auth' ] ){
diff --git a/0.6.x/js/06_net/01_XNetXHR.js b/0.6.x/js/06_net/01_XNetXHR.js
index 843b5dc..8d16cfa 100644
--- a/0.6.x/js/06_net/01_XNetXHR.js
+++ b/0.6.x/js/06_net/01_XNetXHR.js
@@ -45,6 +45,7 @@ var // Opera7.6+, Safari1.2+, khtml3.?+, Gecko0.9.7+
 	// ie7&8 ではローカルリソースには ActiveX の XHR を使う
 	X_Net_XHR_createW3C   = window[ 'XMLHttpRequest' ] && function(){ return X_Net_XHR_w3c || ( X_Net_XHR_w3c = new XMLHttpRequest() ); },
 	X_Net_XHR_w3c         = X_Net_XHR_createW3C && X_Net_XHR_createW3C(),
+	X_Net_XHR_cors        = X_Net_XHR_w3c && X_Net_XHR_w3c.withCredentials !== undefined,
 	X_Net_XHR_progress    = X_Net_XHR_w3c && X_Net_XHR_w3c.onprogress !== undefined,
 	X_Net_XHR_upload      = X_Net_XHR_w3c && !!X_Net_XHR_w3c.upload,
 	
@@ -106,7 +107,7 @@ X[ 'XHR' ] = {
 	'UPLOAD_PROGRESS' : X_Net_XHR_upload,
 
 	// or gadget proxy or flash
-	'CORS'            : X_Net_XHR_xdr || ( X_Net_XHR_w3c && X_Net_XHR_w3c.withCredentials !== undefined )
+	'CORS'            : X_Net_XHR_xdr || X_Net_XHR_cors
 };
 
 if( X_Net_XHR_msXMLVer ) X[ 'XHR' ][ 'MSXML_VERSION' ] = X_Net_XHR_msXMLVer;
@@ -151,13 +152,16 @@ X_TEMP.X_Net_XHR_init = function(){
 					init,
 					tmp;
 
-				this._dataType = obj[ 'dataType' ] || X_URL_getEXT( url );
+				this._dataType = obj[ 'dataType' ];
 				
 				if( !raw || xDomain !== this._isXDR || ( X_Net_XHR_createMSXML && isFile !== this._isMsXML ) ){
 					raw && this[ 'unlisten' ]( [ 'load', 'readystatechange', 'progress', 'error', 'timeout' ] );
 					init = true;
 					this[ '_rawObject' ] = raw = xDomain ?
-													X_Net_XHR_createXDR() :
+													( X_Net_XHR_cors ?
+														X_Net_XHR_createW3C() :
+														X_Net_XHR_createXDR()
+													) :
 												 isFile ?
 												 	( X_Net_XHR_createMSXML ?
 														( X_Net_XHR_msXML = X_Net_XHR_msXML || X_Net_XHR_createMSXML() ):
@@ -182,7 +186,7 @@ X_TEMP.X_Net_XHR_init = function(){
 							raw.responseType = 'text';
 							break;
 						case 'json' :
-						case 'moz-json' :
+						case 'moz-json' : // firefox9-
 							raw.responseType = X_UA[ 'Gecko' ] ? this._dataType : ''; // Iron 37 でエラー
 							break;
 						case 'document' :
@@ -260,6 +264,7 @@ X_TEMP.X_Net_XHR_init = function(){
 					
 					for( p in headers ){
 						if( X_EMPTY_OBJECT[ p ] ) continue;
+						console.log( headers[ p ] );
 						headers[ p ] !== undefined && raw.setRequestHeader( p, headers[ p ] + '' ); // Opera8.01+, MSXML3+
 					};
 				};
@@ -430,7 +435,7 @@ X_TEMP.X_Net_XHR_init = function(){
 									// eval() を使っているけど JSON の無いブラウザは XDomain な XHR はできないのでよしとする。
 									// XDomain な XHR の際は Flash 等で代替し、その中に Json parser も組み込む。
 									// http://d.hatena.ne.jp/sshi/20060904/p1
-									if( !X_Type_isObject( data ) ) data = window.JSON ? JSON.parse( data ) : eval( '(' + data + ')' );
+									if( !X_Type_isObject( data ) ) data = X_String_parseTrustedJsonString( data );
 									break;
 								case 'document' :
 								case 'xml' :
diff --git a/0.6.x/js/06_net/02_XNetJSONP.js b/0.6.x/js/06_net/02_XNetJSONP.js
index 618cb6c..43732b4 100644
--- a/0.6.x/js/06_net/02_XNetJSONP.js
+++ b/0.6.x/js/06_net/02_XNetJSONP.js
@@ -32,7 +32,7 @@ X[ 'Net' ][ 'JSONP' ] = {
 			X_NET_JSONPWrapper
 				[ 'asyncDispatch' ]( {
 					type : jsonString ? X_EVENT_SUCCESS : X_EVENT_ERROR,
-					data : window.JSON ? JSON.parse( jsonString ) : eval( '(' + jsonString + ')' )
+					data : X_String_parseTrustedJsonString( jsonString )
 				} );
 			
 			X_Net_JSONP_errorTimerID && X_Timer_remove( X_Net_JSONP_errorTimerID );
diff --git a/0.6.x/js/06_net/05_XXHRGadget.js b/0.6.x/js/06_net/05_XXHRGadget.js
index 61cb641..0a04809 100644
--- a/0.6.x/js/06_net/05_XXHRGadget.js
+++ b/0.6.x/js/06_net/05_XXHRGadget.js
@@ -44,7 +44,7 @@ var X_NET_GIMR_canUse         = 5.5 <= X_UA[ 'IE' ] || !X_UA[ 'IE' ],
 
 function X_NET_GIMR_detectImageOverIframe(){
 	var raw = X_NET_GIMR_gadgetIframe[ '_rawObject' ],
-		iwin, ret;
+		iwin, ret, error, data = null;
 	
 	if( raw ){
 		iwin = raw.contentWindow || ( raw.contentDocument && raw.contentDocument.parentWindow ) || window.frames[ X_NET_GIMR_iframeName ];
@@ -66,16 +66,28 @@ function X_NET_GIMR_detectImageOverIframe(){
 						break;
 
 					case 2 : // _waiting_ 通信結果待ち
-						ret = decodeURIComponent( ret.substr( 1 ) );
-						ret = window.JSON ? JSON.parse( ret ) : eval( '(' + ret + ')' );
+						ret = X_String_parseTrustedJsonString( decodeURIComponent( ret.substr( 1 ) ) );
+						
+						error = ret[ 'errors' ] && ret[ 'errors' ].length;
+						
+						switch( !error && X_NET_GIMR_requestOriginal[ 'dataType' ] ){
+							case 'json' :
+								data = X_String_parseTrustedJsonString( ret[ 'json' ] || ret[ 'text' ] || '' );
+								break;
+						};
+						
+						console.dir( data || ret );
 						
 						X_NET_GIMRWrapper._busy = false;
 						
 						X_NET_GIMRWrapper
-							[ 'asyncDispatch' ]( {
-								type : ret[ 'errors' ] && ret[ 'errors' ].length ? X_EVENT_ERROR : X_EVENT_SUCCESS,
-								data : ret
-							} );
+							[ 'asyncDispatch' ]({
+								type      : error ? X_EVENT_ERROR : X_EVENT_SUCCESS,
+								state     : ret[ 'rc' ] || ( error ? 400 : 200 ),
+								data      : data,
+								'headers' : ret[ 'headers' ],
+								'message' : error && ret[ 'errors' ].join( '\n' )
+							});
 						iwin.location.href = X_NET_GIMR_GADGET_URL + '#_recived_';
 						X_NET_GIMR_timerID = X_NET_GIMR_phase = 0;
 						X_NET_GIMR_lastHashString = '';
@@ -102,6 +114,10 @@ function X_NET_GIMR_toJSONString( obj ){
 };
 
 
+X_TEMP.X_Net_GIMR_init = function(){
+	
+delete X_TEMP.X_Net_GIMR_init;
+
 // TODO extend NinjaIframe
 X_NET_GIMRWrapper = X_Class_override(
 	X_EventDispatcher(),
@@ -112,7 +128,7 @@ X_NET_GIMRWrapper = X_Class_override(
 		_onloadCount  : 0,
 		
 		load : function( obj ){
-			var k;
+			var k, v;
 			//createURL
 			if( !X_NET_GIMR_gadgetIframe ){
 				X_NET_GIMR_gadgetIframe = X_Node_systemNode
@@ -131,12 +147,13 @@ X_NET_GIMRWrapper = X_Class_override(
 			
 			X_NET_GIMR_timerID = X.Timer.add( 100, 0, X_NET_GIMR_detectImageOverIframe );
 			
-			X_NET_GIMR_requestOriginal = X_Object_deepCopy( v );
+			X_NET_GIMR_requestOriginal = X_Object_deepCopy( obj );
 			
 			X_NET_GIMR_requestOptions = {
 				'CONTENT_TYPE'     : 'TEXT',
 				'GET_FULL_HEADERS' : true,
-				'REFRESH_INTERVAL' : 0
+				'REFRESH_INTERVAL' : 0,
+				'url'              : obj[ 'url' ]
 			};
 			
 			for( k in obj ){
@@ -149,10 +166,23 @@ X_NET_GIMRWrapper = X_Class_override(
 							X_NET_GIMR_requestOptions[ 'METHOD' ] = v;
 							break;					
 						case 'dataType' :
-							X_NET_GIMR_requestOptions[ 'CONTENT_TYPE' ] = v;
+							// TEXT 以外は無視される?
+							switch( v = ( '' + v ).toUpperCase() ){
+								case 'TEXT' :
+								case 'JSON' :
+									X_NET_GIMR_requestOptions[ 'CONTENT_TYPE' ] = v;
+									break;
+								case 'DOM'  :
+								case 'HTML' :
+								case 'HTM'  :
+								case 'XML'  :
+									X_NET_GIMR_requestOptions[ 'CONTENT_TYPE' ] = 'DOM';
+									break;
+								//case 'FEED' :
+							};		
 							break;
 						case 'headers' :
-							X_NET_GIMR_requestOptions[ 'HEADERS' ] = X_Object_clone( v );
+							X_NET_GIMR_requestOptions[ 'HEADERS' ] = X_NET_GIMR_requestOriginal[ v ];
 							break;
 						case 'cashe' :
 							X_NET_GIMR_requestOptions[ 'REFRESH_INTERVAL' ] = 3600;
@@ -174,3 +204,8 @@ X_NET_GIMRWrapper = X_Class_override(
 		}
 	}
 );
+
+return X_NET_GIMRWrapper;
+
+};
+
diff --git a/0.6.x/js/06_net/10_XOAuth2.js b/0.6.x/js/06_net/10_XOAuth2.js
index f11bb13..e43d508 100644
--- a/0.6.x/js/06_net/10_XOAuth2.js
+++ b/0.6.x/js/06_net/10_XOAuth2.js
@@ -40,6 +40,8 @@ X[ 'OAuth2' ] = X_EventDispatcher[ 'inherits' ](
 				
 				obj.onAuthError   = X_NET_OAUTH2_onXHR401Error;
 				obj.updateRequest = X_NET_OAUTH2_updateRequest;
+				
+				// TODO kill の cancel
 			},
 
 			'authState' : function(){
@@ -58,10 +60,10 @@ X[ 'OAuth2' ] = X_EventDispatcher[ 'inherits' ](
 				X_NET_OAUTH2_authorizationWindow = window.open(
 					pair[ 'authorizeEndpoint' ] + '?' + X_URL_objToParam(
 						{
-							response_type : 'code',
-							client_id     : pair[ 'clientID' ],
-							redirect_uri  : tpair[ 'redirectURI' ],
-							scope         : ( pair[ 'scopes' ] || []).join(' ')
+							'response_type' : 'code',
+							'client_id'     : pair[ 'clientID' ],
+							'redirect_uri'  : tpair[ 'redirectURI' ],
+							'scope'         : ( pair[ 'scopes' ] || []).join(' ')
 						}
 					), 'oauthauthorize',
 					'width=' + pair[ 'authorizeWindowWidth' ]
@@ -250,7 +252,7 @@ function X_NET_OAUTH2_onXHR401Error( oauth2 ){
 	if ((( bearerParams && bearerParams.indexOf( ' error="invalid_token"' ) !== -1 ) || !headersExposed) && _getRefreshToken( oauth2 ) ) {
 		_removeAccessToken( oauth2 ); // It doesn't work any more.
 		pair.oauth2State = 2;
-		oauth2.refreshToken();
+		oauth2[ 'refreshToken' ]();
 	} else
 	if (!headersExposed && !_getRefreshToken( oauth2 )) {
 		pair.oauth2State = 0;
-- 
2.11.0