diff --git a/front/src/Api/IframeListener.ts b/front/src/Api/IframeListener.ts index 3479a454..7e51a281 100644 --- a/front/src/Api/IframeListener.ts +++ b/front/src/Api/IframeListener.ts @@ -60,14 +60,14 @@ class IframeListener { // Do we trust the sender of this message? // Let's only accept messages from the iframe that are allowed. // Note: maybe we could restrict on the domain too for additional security (in case the iframe goes to another domain). - let found = false; + let foundSrc: string | null = null; for (const iframe of this.iframes) { if (iframe.contentWindow === message.source) { - found = true; + foundSrc = iframe.src; break; } } - if (!found) { + if (!foundSrc) { return; } @@ -91,7 +91,7 @@ class IframeListener { return this.scripts.get(key)?.contentWindow == message.source }) - scriptUtils.openCoWebsite(payload.data.url, scriptUrl || payload.data.url); + scriptUtils.openCoWebsite(payload.data.url, scriptUrl || foundSrc); } else if(payload.type === 'closeCoWebSite') { scriptUtils.closeCoWebSite();