workadventure

lbehm/workadventure

Fork 0

Commit graph

Author	SHA1	Message	Date
David Négrier	41fd848fa0	Fixed potential injection by switching map container to PHP Some HTML files were importing iframe_api.js automatically by detecting the referrer document. While this was done in a safe way (the map container does not use cookies), it is not a best practice to load a script originating from document.referrer. This PR solves the issue by using PHP to inject the correct domain name in the HTML files.	2021-11-29 19:05:13 +01:00
GRL	ebcf4a6ae3	Add documentation delete unused test map	2021-08-27 14:49:57 +02:00
GRL	cf7bfe79ca	Refactor to only have one function registerMenuCommand When selected custom menu is removed, go to settings menu Allow iframe in custom menu to use Scripting API Return menu object when it is registered, can call remove function on it	2021-08-27 10:34:03 +02:00

Author

SHA1

Message

Date

David Négrier

41fd848fa0

Fixed potential injection by switching map container to PHP

Some HTML files were importing iframe_api.js automatically by detecting the referrer document.

While this was done in a safe way (the map container does not use cookies), it is not
a best practice to load a script originating from document.referrer.

This PR solves the issue by using PHP to inject the correct domain name in the HTML files.

2021-11-29 19:05:13 +01:00

GRL

ebcf4a6ae3

Add documentation

delete unused test map

2021-08-27 14:49:57 +02:00

GRL

cf7bfe79ca

Refactor to only have one function registerMenuCommand

When selected custom menu is removed, go to settings menu
Allow iframe in custom menu to use Scripting API
Return menu object when it is registered, can call remove function on it

2021-08-27 10:34:03 +02:00

3 commits