Commit Graph

3 Commits

Author SHA1 Message Date
David Négrier
41fd848fa0 Fixed potential injection by switching map container to PHP
Some HTML files were importing iframe_api.js automatically by detecting the referrer document.

While this was done in a safe way (the map container does not use cookies), it is not
a best practice to load a script originating from document.referrer.

This PR solves the issue by using PHP to inject the correct domain name in the HTML files.
2021-11-29 19:05:13 +01:00
GRL
ebcf4a6ae3 Add documentation
delete unused test map
2021-08-27 14:49:57 +02:00
GRL
cf7bfe79ca Refactor to only have one function registerMenuCommand
When selected custom menu is removed, go to settings menu
Allow iframe in custom menu to use Scripting API
Return menu object when it is registered, can call remove function on it
2021-08-27 10:34:03 +02:00