From 3db7b3a92569e2789776480e776f454d084091d9 Mon Sep 17 00:00:00 2001
From: toasted-nutbread <toasted-nutbread@users.noreply.github.com>
Date: Sun, 21 Jun 2020 15:52:43 -0400
Subject: Add option to use the unsecure frame URL (#618)

---
 ext/fg/js/popup.js | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'ext/fg')

diff --git a/ext/fg/js/popup.js b/ext/fg/js/popup.js
index a8188143..af24989f 100644
--- a/ext/fg/js/popup.js
+++ b/ext/fg/js/popup.js
@@ -328,12 +328,18 @@ class Popup {
     async _createInjectPromise() {
         this._injectStyles();
 
+        const unsecurePopupFrameUrl = (this._options !== null && this._options.general.unsecurePopupFrameUrl);
         const {secret, token} = await this._initializeFrame(this._frame, this._targetOrigin, this._frameId, (frame) => {
             frame.removeAttribute('src');
             frame.removeAttribute('srcdoc');
             this._observeFullscreen(true);
             this._onFullscreenChanged();
-            frame.contentDocument.location.href = chrome.runtime.getURL('/fg/float.html');
+            const url = chrome.runtime.getURL('/fg/float.html');
+            if (unsecurePopupFrameUrl) {
+                frame.setAttribute('src', url);
+            } else {
+                frame.contentDocument.location.href = url;
+            }
         });
         this._frameSecret = secret;
         this._frameToken = token;
-- 
cgit v1.2.3