OpenCloud
/
element-web
mirror of https://github.com/vector-im/element-web
1
0
Fork 0
Code Issues Releases Wiki Activity

Tweak UIA postMessage check to work cross-origin (#12878) 

* Soften UIA fallback postMessage check to work cross-origin

Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>

* Do the same for the SSO UIA flow

Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>

* Check against MessageEvent::source instead

Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>

---------

Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
dbkr/sss
Michael Telatynski 2024-08-16 09:12:18 +01:00 committed by GitHub
parent 7a91e3efcf
commit 88cf643cbd
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/components/views/auth/InteractiveAuthEntryComponents.tsx
View File

@ -833,7 +833,7 @@ export class SSOAuthEntry extends React.Component<ISSOAuthEntryProps, ISSOAuthEn
};
private onReceiveMessage = (event: MessageEvent): void => {
if (event.data === "authDone" && event.origin === this.props.matrixClient.getHomeserverUrl()) {
if (event.data === "authDone" && event.source === this.popupWindow) {
if (this.popupWindow) {
this.popupWindow.close();
this.popupWindow = null;
@ -950,7 +950,7 @@ export class FallbackAuthEntry extends React.Component<IAuthEntryProps> {
};
private onReceiveMessage = (event: MessageEvent): void => {
if (event.data === "authDone" && event.origin === this.props.matrixClient.getHomeserverUrl()) {
if (event.data === "authDone" && event.source === this.popupWindow) {
this.props.submitAuthDict({});
}
};