Secure popup frame url changes (#622)

* Throw error if options is not ready

* Remove id

* Change unsecurePopupFrameUrl to useSecurePopupFrameUrl
This commit is contained in:
toasted-nutbread 2020-06-22 19:26:59 -04:00 committed by GitHub
parent f2991fb9ee
commit 65c41975a6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 14 additions and 9 deletions

View File

@ -110,7 +110,7 @@
"showPitchAccentPositionNotation",
"showPitchAccentGraph",
"showIframePopupsInRootFrame",
"unsecurePopupFrameUrl"
"useSecurePopupFrameUrl"
],
"properties": {
"enable": {
@ -249,9 +249,9 @@
"type": "boolean",
"default": false
},
"unsecurePopupFrameUrl": {
"useSecurePopupFrameUrl": {
"type": "boolean",
"default": false
"default": true
}
}
},

View File

@ -177,7 +177,7 @@ function profileOptionsCreateDefaults() {
showPitchAccentPositionNotation: true,
showPitchAccentGraph: false,
showIframePopupsInRootFrame: false,
unsecurePopupFrameUrl: false
useSecurePopupFrameUrl: true
},
audio: {

View File

@ -183,7 +183,7 @@
</div>
<div class="checkbox options-advanced">
<label><input type="checkbox" id="show-iframe-popups-in-root-frame" data-setting="general.unsecurePopupFrameUrl"> Use unsecure popup frame URL</label>
<label><input type="checkbox" data-setting="general.useSecurePopupFrameUrl"> Use secure popup frame URL</label>
</div>
<div class="checkbox options-advanced">

View File

@ -326,19 +326,24 @@ class Popup {
}
async _createInjectPromise() {
if (this._options === null) {
throw new Error('Options not initialized');
}
const {useSecurePopupFrameUrl} = this._options.general;
this._injectStyles();
const unsecurePopupFrameUrl = (this._options !== null && this._options.general.unsecurePopupFrameUrl);
const {secret, token} = await this._initializeFrame(this._frame, this._targetOrigin, this._frameId, (frame) => {
frame.removeAttribute('src');
frame.removeAttribute('srcdoc');
this._observeFullscreen(true);
this._onFullscreenChanged();
const url = chrome.runtime.getURL('/fg/float.html');
if (unsecurePopupFrameUrl) {
frame.setAttribute('src', url);
} else {
if (useSecurePopupFrameUrl) {
frame.contentDocument.location.href = url;
} else {
frame.setAttribute('src', url);
}
});
this._frameSecret = secret;