Merge branch 'develop' of github.com:thecodingmachine/workadventure into twemojiEmoteMenu

front/src/Components/Chat/Chat.svelte

@@ -30,7 +30,7 @@
 
 
 <aside class="chatWindow" transition:fly="{{ x: -1000, duration: 500 }}">
-    <i class="close-icon" on:click={closeChat}>&times</i>
+    <p class="close-icon" on:click={closeChat}>&times</p>
     <section class="messagesList" bind:this={listDom}>
         <ul>
             <li><p class="system-text">Here is your chat history: </p></li>
@@ -45,13 +45,12 @@
 </aside>
 
 <style lang="scss">
-    i.close-icon {
+    p.close-icon {
       position: absolute;
       padding: 4px;
       right: 12px;
       font-size: 30px;
       line-height: 25px;
-      font-weight: bold;
       cursor: pointer;
     }
     

front/src/Connexion/Room.ts

@@ -169,6 +169,7 @@ export class Room {
      */
     public get key(): string {
         const newUrl = new URL(this.roomUrl.toString());
+        newUrl.search = "";
         newUrl.hash = "";
         return newUrl.toString();
     }

front/src/Phaser/Reconnecting/ErrorScene.ts

@@ -34,7 +34,7 @@ export class ErrorScene extends Phaser.Scene {
     }
 
     preload() {
-        this.load.image(Textures.icon, "resources/logos/tcm_full.png");
+        this.load.image(Textures.icon, "static/images/favicons/favicon-32x32.png");
         // Note: arcade.png from the Phaser 3 examples at: https://github.com/photonstorm/phaser3-examples/tree/master/public/assets/fonts/bitmap
         this.load.bitmapFont(Textures.mainFont, 'resources/fonts/arcade.png', 'resources/fonts/arcade.xml');
         this.load.spritesheet(

front/src/Phaser/Reconnecting/ReconnectingScene.ts

@@ -19,7 +19,7 @@ export class ReconnectingScene extends Phaser.Scene {
     }
 
     preload() {
-        this.load.image(ReconnectingTextures.icon, "resources/logos/tcm_full.png");
+        this.load.image(ReconnectingTextures.icon, "static/images/favicons/favicon-32x32.png");
         // Note: arcade.png from the Phaser 3 examples at: https://github.com/photonstorm/phaser3-examples/tree/master/public/assets/fonts/bitmap
         this.load.bitmapFont(ReconnectingTextures.mainFont, 'resources/fonts/arcade.png', 'resources/fonts/arcade.xml');
         this.load.spritesheet(

maps/tests/Metadata/customMenu.html

@@ -1,13 +1,20 @@
 <!doctype html>
 <html lang="en">
     <head>
-        <script src="http://play.workadventure.localhost/iframe_api.js"></script>
+        <script>
-    </head>
+            var script = document.createElement('script');
-    <body>
+            // Don't do this at home kids! The "document.referrer" part is actually inserting a XSS security.
-    	<script>
+            // We are OK in this precise case because the HTML page is hosted on the "maps" domain that contains only static files.
-            WA.ui.registerMenuCommand("test", () => {
+            script.setAttribute('src', document.referrer + 'iframe_api.js');
-                WA.chat.sendChatMessage("test clicked", "menu cmd")
+            document.head.appendChild(script);
+            window.addEventListener('load', () => {
+                WA.ui.registerMenuCommand("test", () => {
+                    WA.chat.sendChatMessage("test clicked", "menu cmd")
+                })
             })
         </script>
+    </head>
+    <body>
+        <p>Add a custom menu</p>
     </body>
 </html>

maps/tests/Metadata/getCurrentRoom.html

@@ -1,16 +1,23 @@
 <!doctype html>
 <html lang="en">
     <head>
-        <script src="http://play.workadventure.localhost/iframe_api.js"></script>
+        <script>
+            var script = document.createElement('script');
+            // Don't do this at home kids! The "document.referrer" part is actually inserting a XSS security.
+            // We are OK in this precise case because the HTML page is hosted on the "maps" domain that contains only static files.
+            script.setAttribute('src', document.referrer + 'iframe_api.js');
+            document.head.appendChild(script);
+            window.addEventListener('load', () => {
+                WA.room.getCurrentRoom().then((room) => {
+                    console.log('id : ', room.id);
+                    console.log('map : ', room.map);
+                    console.log('mapUrl : ', room.mapUrl);
+                    console.log('startLayer : ', room.startLayer);
+                })
+            })
+        </script>
     </head>
     <body>
-    	<script>
+        <p>Log in the console the information of the current room</p>
-    		WA.room.getCurrentRoom().then((room) => {
-                console.log('id : ', room.id);
-                console.log('map : ', room.map);
-                console.log('mapUrl : ', room.mapUrl);
-                console.log('startLayer : ', room.startLayer);
-            })
-    	</script>
     </body>
 </html>

maps/tests/Metadata/getCurrentUser.html

@@ -1,15 +1,22 @@
 <!doctype html>
 <html lang="en">
     <head>
-        <script src="http://play.workadventure.localhost/iframe_api.js"></script>
+        <script>
+            var script = document.createElement('script');
+            // Don't do this at home kids! The "document.referrer" part is actually inserting a XSS security.
+            // We are OK in this precise case because the HTML page is hosted on the "maps" domain that contains only static files.
+            script.setAttribute('src', document.referrer + 'iframe_api.js');
+            document.head.appendChild(script);
+            window.addEventListener('load', () => {
+                WA.player.getCurrentUser().then((user) => {
+                    console.log('id : ', user.id);
+                    console.log('nickName : ', user.nickName);
+                    console.log('tags : ', user.tags);
+                })
+            })
+        </script>
     </head>
     <body>
-    	<script>
+        <p>Log  in the console the information of the current player</p>
-    		WA.player.getCurrentUser().then((user) => {
-                console.log('id : ', user.id);
-                console.log('nickName : ', user.nickName);
-                console.log('tags : ', user.tags);
-            })
-    	</script>
     </body>
 </html>

maps/tests/Metadata/playerMove.html

@@ -1,12 +1,18 @@
 <!doctype html>
 <html lang="en">
     <head>
-        <script src="http://play.workadventure.localhost/iframe_api.js"></script>
+        <script>
+            var script = document.createElement('script');
+            // Don't do this at home kids! The "document.referrer" part is actually inserting a XSS security.
+            // We are OK in this precise case because the HTML page is hosted on the "maps" domain that contains only static files.
+            script.setAttribute('src', document.referrer + 'iframe_api.js');
+            document.head.appendChild(script);
+            window.addEventListener('load', () => {
+                WA.player.onPlayerMove(console.log);
+            })
+        </script>
     </head>
     <body>
-    	<div id="playerMovement"></div>
+        <p>Log in the console the movement of the current player in the zone of the iframe</p>
-    	<script>
-    		WA.player.onPlayerMove(console.log);
-    	</script>
     </body>
 </html>

maps/tests/Metadata/setProperty.html

@@ -1,12 +1,19 @@
 <!doctype html>
 <html lang="en">
     <head>
-        <script src="http://play.workadventure.localhost/iframe_api.js"></script>
+        <script>
+            var script = document.createElement('script');
+            // Don't do this at home kids! The "document.referrer" part is actually inserting a XSS security.
+            // We are OK in this precise case because the HTML page is hosted on the "maps" domain that contains only static files.
+            script.setAttribute('src', document.referrer + 'iframe_api.js');
+            document.head.appendChild(script);
+            window.addEventListener('load', () => {
+                WA.room.setProperty('iframeTest', 'openWebsite', 'https://www.wikipedia.org/');
+                WA.room.setProperty('metadata', 'openWebsite', 'https://www.wikipedia.org/');
+            })
+        </script>
     </head>
     <body>
-    	<script>
+        <p>Change the url of this iframe and add the 'openWebsite' property to the red tile layer</p>
-    		WA.room.setProperty('iframeTest', 'openWebsite', 'https://www.wikipedia.org/');
-    		WA.room.setProperty('metadata', 'openWebsite', 'https://www.wikipedia.org/');
-    	</script>
     </body>
 </html>

maps/tests/Metadata/showHideLayer.html

@@ -1,21 +1,27 @@
 <!doctype html>
 <html lang="en">
     <head>
-        <script src="http://play.workadventure.localhost/iframe_api.js"></script>
+        <script>
+            var script = document.createElement('script');
+            // Don't do this at home kids! The "document.referrer" part is actually inserting a XSS security.
+            // We are OK in this precise case because the HTML page is hosted on the "maps" domain that contains only static files.
+            script.setAttribute('src', document.referrer + 'iframe_api.js');
+            document.head.appendChild(script);
+            window.addEventListener('load', () => {
+                document.getElementById('show/hideLayer').onclick = () => {
+                    if (document.getElementById('show/hideLayer').checked) {
+                        WA.room.showLayer('crystal');
+                    }
+                    else {
+                        WA.room.hideLayer('crystal');
+                    }
+                }
+            })
+        </script>
     </head>
     <body>
     	<div>
             <label for="show/hideLayer">Crysal Layer : </label><input type="checkbox" id="show/hideLayer" name="visible" value="show" checked>
         </div>
-    	<script>
-    		document.getElementById('show/hideLayer').onclick = () => {
-                if (document.getElementById('show/hideLayer').checked) {
-                    WA.room.showLayer('crystal');
-                }
-                else {
-                    WA.room.hideLayer('crystal');
-                }
-            }
-    	</script>
     </body>
 </html>

maps/tests/index.html

@@ -122,14 +122,6 @@
                     <a href="#" class="testLink" data-testmap="Metadata/customMenu.json" target="_blank">Testing add a custom menu by scripting API</a>
                 </td>
             </tr>
-            <tr>
-                <td>
-                    <input type="radio" name="test-getCurrentRoom"> Success <input type="radio" name="test-getCurrentRoom"> Failure <input type="radio" name="test-getCurrentRoom" checked> Pending
-                </td>
-                <td>
-                    <a href="#" class="testLink" data-testmap="Metadata/getCurrentRoom.json" target="_blank">Testing return current room attributes by Scripting API (Need to test from current user)</a>
-                </td>
-            </tr>
             <tr>
                 <td>
                     <input type="radio" name="test-getCurrentUser"> Success <input type="radio" name="test-getCurrentUser"> Failure <input type="radio" name="test-getCurrentUser" checked> Pending
@@ -138,6 +130,14 @@
                     <a href="#" class="testLink" data-testmap="Metadata/getCurrentUser.json" target="_blank">Testing return current user attributes by Scripting API</a>
                 </td>
             </tr>
+            <tr>
+                <td>
+                    <input type="radio" name="test-getCurrentRoom"> Success <input type="radio" name="test-getCurrentRoom"> Failure <input type="radio" name="test-getCurrentRoom" checked> Pending
+                </td>
+                <td>
+                    <a href="#" class="testLink" data-testmap="Metadata/getCurrentRoom.json" target="_blank">Testing return current room attributes by Scripting API (Need to test from current user)</a>
+                </td>
+            </tr>
             <tr>
                 <td>
                     <input type="radio" name="test-player-move"> Success <input type="radio" name="test-player-move"> Failure <input type="radio" name="test-player-move" checked> Pending
@@ -186,14 +186,6 @@
                     <a href="#" class="testLink" data-testmap="start-tile.json#S2" target="_blank">Test start tile (S2)</a>
                 </td>
             </tr>
-            <tr>
-                <td>
-                    <input type="radio" name="test-cowebsite-allowAPI2"> Success <input type="radio" name="test-cowebsite-allowAPI2"> Failure <input type="radio" name="test-cowebsite-allowAPI2" checked> Pending
-                </td>
-                <td>
-                    <a href="#" class="testLink" data-testmap="Metadata/cowebsiteAllowApi.json" target="_blank">Test cowebsite opened by script is allowed to use IFrame API</a>
-                </td>
-            </tr>
             <tr>
                 <td>
                     <input type="radio" name="test-set-tiles"> Success <input type="radio" name="test-set-tiles"> Failure <input type="radio" name="test-set-tiles" checked> Pending