Rev378, Wrapper securty fix by deny opener

2015-09-09 01:44:27 +02:00 · 2015-09-09 01:44:27 +02:00 · eec0b22c1f
commit eec0b22c1f
parent 00940797c8
2 changed files with 6 additions and 1 deletions
--- a/src/Config.py
+++ b/src/Config.py
@ -8,7 +8,7 @@ class Config(object):

    def __init__(self, argv):
        self.version = "0.3.2"
-        self.rev = 377
+        self.rev = 378
        self.argv = argv
        self.action = None
        self.createParser()
--- a/src/Ui/template/wrapper.html
+++ b/src/Ui/template/wrapper.html
@ -15,6 +15,11 @@
 // If we are inside iframe escape from it
 if (window.self !== window.top) window.open(window.location.toString(), "_top");
 if (window.self !== window.top) window.stop();
+
+// Dont allow site to load in a popup
+if (window.opener) document.write("Opener not allowed")
+if (window.opener && document.execCommand) document.execCommand("Stop", false)
+if (window.opener && window.stop) window.stop()
 </script>

 <div class="progressbar">