Secure popup frame url changes (#622)

* Throw error if options is not ready * Remove id * Change unsecurePopupFrameUrl to useSecurePopupFrameUrl
2020-06-22 19:26:59 -04:00 · 2020-06-22 19:26:59 -04:00 · 65c41975a6
commit 65c41975a6
parent f2991fb9ee
4 changed files with 14 additions and 9 deletions
--- a/ext/bg/data/options-schema.json
+++ b/ext/bg/data/options-schema.json
@ -110,7 +110,7 @@
                                    "showPitchAccentPositionNotation",
                                    "showPitchAccentGraph",
                                    "showIframePopupsInRootFrame",
-                                    "unsecurePopupFrameUrl"
+                                    "useSecurePopupFrameUrl"
                                ],
                                "properties": {
                                    "enable": {
@ -249,9 +249,9 @@
                                        "type": "boolean",
                                        "default": false
                                    },
-                                    "unsecurePopupFrameUrl": {
+                                    "useSecurePopupFrameUrl": {
                                        "type": "boolean",
-                                        "default": false
+                                        "default": true
                                    }
                                }
                            },
--- a/ext/bg/js/options.js
+++ b/ext/bg/js/options.js
@ -177,7 +177,7 @@ function profileOptionsCreateDefaults() {
            showPitchAccentPositionNotation: true,
            showPitchAccentGraph: false,
            showIframePopupsInRootFrame: false,
-            unsecurePopupFrameUrl: false
+            useSecurePopupFrameUrl: true
        },

        audio: {
--- a/ext/bg/settings.html
+++ b/ext/bg/settings.html
@ -183,7 +183,7 @@
                </div>

                <div class="checkbox options-advanced">
-                    <label><input type="checkbox" id="show-iframe-popups-in-root-frame" data-setting="general.unsecurePopupFrameUrl"> Use unsecure popup frame URL</label>
+                    <label><input type="checkbox" data-setting="general.useSecurePopupFrameUrl"> Use secure popup frame URL</label>
                </div>

                <div class="checkbox options-advanced">
--- a/ext/fg/js/popup.js
+++ b/ext/fg/js/popup.js
@ -326,19 +326,24 @@ class Popup {
    }

    async _createInjectPromise() {
+        if (this._options === null) {
+            throw new Error('Options not initialized');
+        }
+
+        const {useSecurePopupFrameUrl} = this._options.general;
+
        this._injectStyles();

-        const unsecurePopupFrameUrl = (this._options !== null && this._options.general.unsecurePopupFrameUrl);
        const {secret, token} = await this._initializeFrame(this._frame, this._targetOrigin, this._frameId, (frame) => {
            frame.removeAttribute('src');
            frame.removeAttribute('srcdoc');
            this._observeFullscreen(true);
            this._onFullscreenChanged();
            const url = chrome.runtime.getURL('/fg/float.html');
-            if (unsecurePopupFrameUrl) {
-                frame.setAttribute('src', url);
-            } else {
+            if (useSecurePopupFrameUrl) {
                frame.contentDocument.location.href = url;
+            } else {
+                frame.setAttribute('src', url);
            }
        });
        this._frameSecret = secret;