From d16f365c8d9bc910f0c8706ff7bdb89f7073ef0f Mon Sep 17 00:00:00 2001 From: David Fischer Date: Tue, 13 Mar 2018 12:31:42 -0700 Subject: [PATCH] Use JSONP for sustainability API - Remove CORS workaround --- readthedocs/core/signals.py | 10 ++-- .../core/js/doc-embed/sponsorship.js | 48 ++++++++----------- 2 files changed, 26 insertions(+), 32 deletions(-) diff --git a/readthedocs/core/signals.py b/readthedocs/core/signals.py index 0ea0c7f3c..a3e229656 100644 --- a/readthedocs/core/signals.py +++ b/readthedocs/core/signals.py @@ -16,8 +16,11 @@ from readthedocs.projects.models import Project, Domain log = logging.getLogger(__name__) -WHITELIST_URLS = ['/api/v2/footer_html', '/api/v2/search', - '/api/v2/docsearch', '/api/v2/sustainability'] +WHITELIST_URLS = [ + '/api/v2/footer_html', + '/api/v2/search', + '/api/v2/docsearch', +] webhook_github = Signal(providing_args=['project', 'data', 'event']) @@ -42,9 +45,6 @@ def decide_if_cors(sender, request, **kwargs): # pylint: disable=unused-argumen for url in WHITELIST_URLS: if request.path_info.startswith(url): valid_url = True - # Don't do domain checking for this API for now - if url == '/api/v2/sustainability': - return True if valid_url: project_slug = request.GET.get('project', None) diff --git a/readthedocs/core/static-src/core/js/doc-embed/sponsorship.js b/readthedocs/core/static-src/core/js/doc-embed/sponsorship.js index e1257c1dc..47e83acd0 100644 --- a/readthedocs/core/static-src/core/js/doc-embed/sponsorship.js +++ b/readthedocs/core/static-src/core/js/doc-embed/sponsorship.js @@ -60,24 +60,6 @@ function create_footer_placement () { return null; } -/* - * Returns an array of possible places where a promo could go - */ -function get_placements () { - var placements = []; - var placement_funcs = [create_footer_placement, create_sidebar_placement]; - var placement; - - for (var i = 0; i < placement_funcs.length; i += 1) { - placement = placement_funcs[i](); - if (placement) { - placements.push(placement); - } - } - - return placements; -} - function Promo (data) { this.id = data.id; // analytics id this.div_id = data.div_id || ''; @@ -128,8 +110,12 @@ Promo.prototype.post_promo_display = function () { }; function init() { - var post_data = {}; + var get_data = {format: "jsonp"}; + var div_ids = []; + var display_types = []; + var placement_funcs = [create_footer_placement, create_sidebar_placement]; var params; + var placement; rtd = rtddata.get(); @@ -137,32 +123,40 @@ function init() { return; } - post_data.placements = get_placements(rtd); - post_data.project = rtd.project; + for (var i = 0; i < placement_funcs.length; i += 1) { + placement = placement_funcs[i](); + if (placement) { + div_ids.push(placement.div_id); + display_types.push(placement.display_type); + } + } + + get_data.div_ids = div_ids.join('|'); + get_data.display_types = display_types.join('|'); + get_data.project = rtd.project; if (typeof URL !== 'undefined' && typeof URLSearchParams !== 'undefined') { // Force a specific promo to be displayed params = new URL(window.location).searchParams; if (params.get('force_promo')) { - post_data.force_promo = params.get('force_promo'); + get_data.force_promo = params.get('force_promo'); } // Force a promo from a specific campaign if (params.get('force_campaign')) { - post_data.force_campaign = params.get('force_campaign'); + get_data.force_campaign = params.get('force_campaign'); } } // Request a promo to inject onto the page $.ajax({ url: rtd.api_host + "/api/v2/sustainability/", - type: 'post', + crossDomain: true, xhrFields: { withCredentials: true, }, - dataType: "json", - data: JSON.stringify(post_data), - contentType: "application/json", + dataType: "jsonp", + data: get_data, success: function (data) { var promo; if (data && data.div_id && data.html) {