CribSWGadget: Check Crib Enable URL before setting it

* Also add the possibility to handle relative url

gadget/crib-sw-gadget.html

@@ -16,5 +16,10 @@
   </head>
   <body>
     <div class="storage-access" style="display:none;"></div>
+    <div class="crib_enable_validator" style="display:none;">
+      <div data-gadget-url="./crib_enable_validator.html"
+           data-gadget-scope="crib_enable_validator"
+           data-gadget-sandbox="public"></div>
+    </div>
   </body>
 </html>
\ No newline at end of file

gadget/crib-sw-gadget.js

-/*global window, rJS, RSVP, Blob, console */
+/*global window, rJS, RSVP, Blob, console, URL */
 /*jslint indent: 2, maxerr: 3 */
 (function (window, rJS, RSVP, jIO) {
   "use strict";
@@ -50,6 +50,15 @@
       });
   }
 
+  function isValidUrl(string) {
+    try {
+      new URL(string);
+    } catch (_) {
+      return false
+    }
+    return true;
+  }
+
   rJS(window)
     .ready(function (g) {
       g.props = {};
@@ -121,9 +130,20 @@
     })
     .declareMethod('setCribEnableGadgetUrl', function (url) {
       var gadget = this;
-      // XXX Should perform checks
+      if (!isValidUrl(url)) {
+        url = new URL(url, window.location.href).href;
+      }
       return new RSVP.Queue()
         .push(function () {
+          return gadget.getDeclaredGadget("crib_enable_validator");
+        })
+        .push(function (validator_gadget) {
+          return validator_gadget.validateCribEnableGadgetUrl(url);
+        })
+        .push(function (result) {
+          if (!result) {
+            throw "Could not Validate CribJS Gadget URL: " + url;
+          }
           return gadget.setSetting("site_editor_gadget_url", url);
         })
         .push(function () {