new attempt at speaker view xss fix
parent
0ca389721c
commit
4b6ac46cde
|
@ -1,4 +1,4 @@
|
|||
import speakerViewHTML from './speaker-view.html';
|
||||
import speakerViewHTML from './speaker-view.html'
|
||||
|
||||
import { marked } from 'marked';
|
||||
|
||||
|
|
|
@ -350,8 +350,9 @@
|
|||
layoutDropdown,
|
||||
pendingCalls = {},
|
||||
lastRevealApiCallId = 0,
|
||||
connected = false,
|
||||
whitelistedWindows = [window.opener];
|
||||
connected = false
|
||||
|
||||
var connectionStatus = document.querySelector( '#connection-status' );
|
||||
|
||||
var SPEAKER_LAYOUTS = {
|
||||
'default': 'Default',
|
||||
|
@ -362,15 +363,29 @@
|
|||
|
||||
setupLayout();
|
||||
|
||||
var connectionStatus = document.querySelector( '#connection-status' );
|
||||
let openerOrigin;
|
||||
|
||||
try {
|
||||
openerOrigin = window.opener.location.origin;
|
||||
}
|
||||
catch ( error ) { console.warn( error ) }
|
||||
|
||||
// In order to prevent XSS, the speaker view will only run if its
|
||||
// opener has the same origin as itself
|
||||
if( window.location.origin !== openerOrigin ) {
|
||||
connectionStatus.innerHTML = 'Cross origin error.<br>The speaker window can only be opened from the same origin.';
|
||||
return;
|
||||
}
|
||||
|
||||
var connectionTimeout = setTimeout( function() {
|
||||
connectionStatus.innerHTML = 'Error connecting to main window.<br>Please try closing and reopening the speaker view.';
|
||||
}, 5000 );
|
||||
;
|
||||
window.addEventListener( 'message', function( event ) {
|
||||
|
||||
// Validate the origin of this message to prevent XSS
|
||||
if( window.location.origin !== event.origin && whitelistedWindows.indexOf( event.source ) === -1 ) {
|
||||
// Validate the origin of all messages to avoid parsing messages
|
||||
// that aren't meant for us
|
||||
if( window.location.origin !== event.origin ) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
@ -539,8 +554,6 @@
|
|||
upcomingSlide.setAttribute( 'src', upcomingURL );
|
||||
document.querySelector( '#upcoming-slide' ).appendChild( upcomingSlide );
|
||||
|
||||
whitelistedWindows.push( currentSlide.contentWindow, upcomingSlide.contentWindow );
|
||||
|
||||
}
|
||||
|
||||
/**
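Review bot: In the `@ -362,15 +363,29 @@` hunk the no-opener case is reported as a cross-origin error: when the speaker view is loaded directly, `window.opener` is null, `window.opener.location.origin` throws a TypeError that the catch only logs, `openerOrigin` stays undefined, and the user is shown "Cross origin error." although there was no opener at all. A separate guard before the `try`, such as `if( !window.opener ) { connectionStatus.innerHTML = 'No opener window.<br>Please open the speaker view from the presentation.'; return; }`, keeps that message accurate and leaves the catch covering only the SecurityError a cross-origin opener raises. The check is a string comparison of serialized origins, so if both windows were ever on an opaque origin (serialized as "null", e.g. file: or a sandboxed frame) they would compare equal despite being distinct origins; a comment stating that the speaker view is expected to be served from a real origin, or an additional `openerOrigin !== 'null'` test, would make that assumption explicit. The function containing this `return;` starts before the hunk.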