_Bastler/partey_workadventure
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Improving security: only iframes opened with "openWebsiteAllowApi" property are now able to send/receive messages.

Browse Source
This commit is contained in:
David Négrier
2021-03-06 16:00:07 +01:00
parent e927e0fa16
commit 7d67f55012
4 changed files with 50 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files
maps/tests/iframe_api.json
+5
View File
@@ -44,6 +44,11 @@
"name":"openWebsite",
"type":"string",
"value":"iframe.html"
},
{
"name":"openWebsiteAllowApi",
"type":"bool",
"value":true
}],
"type":"tilelayer",
"visible":true,