libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6

Merge pull request #2995 from stianst/KEYCLOAK-2617

Browse source 
KEYCLOAK-2617 Ignore postmessages if not initiated by keycloak.js
This commit is contained in:
Stian Thorgersen 2016-07-04 19:19:34 +02:00 committed by GitHub
commit dd6434a487
1 changed files with 16 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
adapters/oidc/js/src/main/resources/keycloak.js
View file

@ -792,8 +792,22 @@
if (event.origin !== loginIframe.iframeOrigin) { if (event.origin !== loginIframe.iframeOrigin) {
return; return;
} }
try {
var data = JSON.parse(event.data); var data = JSON.parse(event.data);
} catch (err) {
return;
}
if (!data.callbackId) {
return;
}
var promise = loginIframe.callbackMap[data.callbackId]; var promise = loginIframe.callbackMap[data.callbackId];
if (!promise) {
return;
}
delete loginIframe.callbackMap[data.callbackId]; delete loginIframe.callbackMap[data.callbackId];
if ((!kc.sessionId || kc.sessionId == data.session) && data.loggedIn) { if ((!kc.sessionId || kc.sessionId == data.session) && data.loggedIn) {