diff options
author | toasted-nutbread <toasted-nutbread@users.noreply.github.com> | 2020-06-22 19:26:59 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-06-22 19:26:59 -0400 |
commit | 65c41975a6dca0610c7dc4454ece9534f3636893 (patch) | |
tree | 76a3a3ae056d68577f05b34d4ed95cca1dd66e04 /ext/fg/js | |
parent | f2991fb9ee8e83738b726eb558af992f4bb5d9dc (diff) |
Secure popup frame url changes (#622)
* Throw error if options is not ready
* Remove id
* Change unsecurePopupFrameUrl to useSecurePopupFrameUrl
Diffstat (limited to 'ext/fg/js')
-rw-r--r-- | ext/fg/js/popup.js | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/ext/fg/js/popup.js b/ext/fg/js/popup.js index 4394a965..3b14d3d0 100644 --- a/ext/fg/js/popup.js +++ b/ext/fg/js/popup.js @@ -326,19 +326,24 @@ class Popup { } async _createInjectPromise() { + if (this._options === null) { + throw new Error('Options not initialized'); + } + + const {useSecurePopupFrameUrl} = this._options.general; + this._injectStyles(); - const unsecurePopupFrameUrl = (this._options !== null && this._options.general.unsecurePopupFrameUrl); const {secret, token} = await this._initializeFrame(this._frame, this._targetOrigin, this._frameId, (frame) => { frame.removeAttribute('src'); frame.removeAttribute('srcdoc'); this._observeFullscreen(true); this._onFullscreenChanged(); const url = chrome.runtime.getURL('/fg/float.html'); - if (unsecurePopupFrameUrl) { - frame.setAttribute('src', url); - } else { + if (useSecurePopupFrameUrl) { frame.contentDocument.location.href = url; + } else { + frame.setAttribute('src', url); } }); this._frameSecret = secret; |