Making script URL dynamic

Signed-off-by: David Négrier <d.negrier@thecodingmachine.com>
2021-06-28 14:13:49 +02:00 · 2021-06-28 14:13:49 +02:00 · 71a5e29ae4
parent 86cb118378
commit 71a5e29ae4
1 changed files with 25 additions and 18 deletions
--- a/maps/tests/Metadata/changeTile.html
+++ b/maps/tests/Metadata/changeTile.html
@ -1,24 +1,31 @@
 <!doctype html>
 <html lang="en">
    <head>
-        <script src="http://play.workadventure.localhost/iframe_api.js"></script>
+        <script>
+            var script = document.createElement('script');
+            // Don't do this at home kids! The "document.referrer" part is actually inserting a XSS security.
+            // We are OK in this precise case because the HTML page is hosted on the "maps" domain that contains only static files.
+            script.setAttribute('src', document.referrer + 'iframe_api.js');
+            document.head.appendChild(script);
+
+            window.addEventListener('load', () => {
+                WA.room.changeTile([
+                    {x: 0, y: 0, tile: 92, layer: 'changeTile'},
+                    {x: 0, y: 2, tile: 'Red', layer: 'changeTile'},
+                    {x: 0, y: 3, tile: 99, layer: 'changeTile'},
+                    {x: 0, y: 5, tile: 117, layer: 'changeTile'},
+                    {x: 0, y: 6, tile: 117, layer: 'changeTile'},
+                    {x: 0, y: 9, tile: 74, layer: 'changeTile'}
+                ]);
+                WA.room.changeTile([
+                    {x: 6, y: 4, tile: 'blue', layer: 'changeTile'},
+                    {x: 7, y: 4, tile: 109, layer: 'changeTile'},
+                    {x: 8, y: 4, tile: 109, layer: 'changeTile'},
+                    {x: 9, y: 4, tile: 'blue', layer: 'changeTile'}
+                ]);
+            });
+        </script>
    </head>
    <body>
-    	<script>
-            WA.room.changeTile([
-                {x: 0, y: 0, tile: 92, layer: 'changeTile'},
-                {x: 0, y: 2, tile: 'Red', layer: 'changeTile'},
-                {x: 0, y: 3, tile: 99, layer: 'changeTile'},
-                {x: 0, y: 5, tile: 117, layer: 'changeTile'},
-                {x: 0, y: 6, tile: 117, layer: 'changeTile'},
-                {x: 0, y: 9, tile: 74, layer: 'changeTile'}
-                ]);
-            WA.room.changeTile([
-                {x: 6, y: 4, tile: 'blue', layer: 'changeTile'},
-                {x: 7, y: 4, tile: 109, layer: 'changeTile'},
-                {x: 8, y: 4, tile: 109, layer: 'changeTile'},
-                {x: 9, y: 4, tile: 'blue', layer: 'changeTile'}
-                ]);
-        </script>
    </body>
-</html>
+</html>