From eec0b22c1fe233c553e10a5faeee193cf9adb997 Mon Sep 17 00:00:00 2001
From: HelloZeroNet <hello@noloop.me>
Date: Wed, 9 Sep 2015 01:44:27 +0200
Subject: [PATCH] Rev378, Wrapper securty fix by deny opener

---
 src/Config.py                | 2 +-
 src/Ui/template/wrapper.html | 5 +++++
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/Config.py b/src/Config.py
index 45419a26..fe0079e9 100644
--- a/src/Config.py
+++ b/src/Config.py
@@ -8,7 +8,7 @@ class Config(object):
 
     def __init__(self, argv):
         self.version = "0.3.2"
-        self.rev = 377
+        self.rev = 378
         self.argv = argv
         self.action = None
         self.createParser()
diff --git a/src/Ui/template/wrapper.html b/src/Ui/template/wrapper.html
index a52507fc..b2046d3e 100644
--- a/src/Ui/template/wrapper.html
+++ b/src/Ui/template/wrapper.html
@@ -15,6 +15,11 @@
 // If we are inside iframe escape from it
 if (window.self !== window.top) window.open(window.location.toString(), "_top");
 if (window.self !== window.top) window.stop();
+
+// Dont allow site to load in a popup
+if (window.opener) document.write("Opener not allowed")
+if (window.opener && document.execCommand) document.execCommand("Stop", false)
+if (window.opener && window.stop) window.stop()
 </script>
 
 <div class="progressbar">