Skip to content
This repository has been archived by the owner on Oct 8, 2024. It is now read-only.

Commit

Permalink
bugfix for origin detection in xdomain_cookie
Browse files Browse the repository at this point in the history
  • Loading branch information
@ecaroth
ecaroth committed Oct 26, 2016
1 parent db81273 commit 1a859c0
Show file tree
Hide file tree
Showing 3 changed files with 3 additions and 3 deletions.
2 changes: 1 addition & 1 deletion dev/xdomain_cookie.dev.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@
_log("_inbound_postmessage", event.origin, event.data);

var origin = event.origin || event.originalEvent.origin; // For Chrome, the origin property is in the event.originalEvent object.
if (origin !== iframe_path) return; //incoming message not from iframe
if (iframe_path.substr(0,origin.length) !== origin) return; //incoming message not from iframe

if(typeof event.data !== 'string') return; //expected json string encoded payload
var data = null;
Expand Down
2 changes: 1 addition & 1 deletion src/xdomain_cookie.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@
_log("_inbound_postmessage", event.origin, event.data);

var origin = event.origin || event.originalEvent.origin; // For Chrome, the origin property is in the event.originalEvent object.
if (origin !== iframe_path) return; //incoming message not from iframe
if (iframe_path.substr(0,origin.length) !== origin) return; //incoming message not from iframe

if(typeof event.data !== 'string') return; //expected json string encoded payload
var data = null;
Expand Down
2 changes: 1 addition & 1 deletion src/xdomain_cookie.min.js
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

0 comments on commit 1a859c0

Please sign in to comment.