github/svgedit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

- Fix (Embedded API): Cross-domain may fail to even access origin or contentDocument

Browse Source 
- Fix (Embedded API): Avoid adding URL to iframe src if there are no arguments
- Fix (Cross-domain usage): Recover from exceptions with `localStorage`
- Docs (JSDoc): Missing function
This commit is contained in:
Brett Zamir
2018-05-30 19:39:00 +08:00
parent f2b1a1ff0c
commit d173df34d2
10 changed files with 76 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
editor/embedapi.js
View File

@@ -297,7 +297,12 @@ class EmbeddedSVGEdit {
* made compatile with all API functionality
*/
// We accept and post strings for the sake of IE9 support
if (window.location.origin === t.frame.contentWindow.location.origin) {
let sameOrigin = false;
try {
sameOrigin = window.location.origin === t.frame.contentWindow.location.origin;
} catch (err) {}
if (sameOrigin) {
// Although we do not really need this API if we are working same
// domain, it could allow us to write in a way that would work
// cross-domain as well, assuming we stick to the argument limitations