summaryrefslogtreecommitdiff
path: root/ext/fg/js/popup.js
diff options
context:
space:
mode:
authortoasted-nutbread <toasted-nutbread@users.noreply.github.com>2020-06-22 19:26:59 -0400
committerGitHub <noreply@github.com>2020-06-22 19:26:59 -0400
commit65c41975a6dca0610c7dc4454ece9534f3636893 (patch)
tree76a3a3ae056d68577f05b34d4ed95cca1dd66e04 /ext/fg/js/popup.js
parentf2991fb9ee8e83738b726eb558af992f4bb5d9dc (diff)
Secure popup frame url changes (#622)
* Throw error if options is not ready * Remove id * Change unsecurePopupFrameUrl to useSecurePopupFrameUrl
Diffstat (limited to 'ext/fg/js/popup.js')
-rw-r--r--ext/fg/js/popup.js13
1 files changed, 9 insertions, 4 deletions
diff --git a/ext/fg/js/popup.js b/ext/fg/js/popup.js
index 4394a965..3b14d3d0 100644
--- a/ext/fg/js/popup.js
+++ b/ext/fg/js/popup.js
@@ -326,19 +326,24 @@ class Popup {
}
async _createInjectPromise() {
+ if (this._options === null) {
+ throw new Error('Options not initialized');
+ }
+
+ const {useSecurePopupFrameUrl} = this._options.general;
+
this._injectStyles();
- const unsecurePopupFrameUrl = (this._options !== null && this._options.general.unsecurePopupFrameUrl);
const {secret, token} = await this._initializeFrame(this._frame, this._targetOrigin, this._frameId, (frame) => {
frame.removeAttribute('src');
frame.removeAttribute('srcdoc');
this._observeFullscreen(true);
this._onFullscreenChanged();
const url = chrome.runtime.getURL('/fg/float.html');
- if (unsecurePopupFrameUrl) {
- frame.setAttribute('src', url);
- } else {
+ if (useSecurePopupFrameUrl) {
frame.contentDocument.location.href = url;
+ } else {
+ frame.setAttribute('src', url);
}
});
this._frameSecret = secret;