HelloZeroNet/ZeroNet
1
0
Fork 0
mirror of https://github.com/HelloZeroNet/ZeroNet.git synced 2023-12-14 04:33:03 +01:00
Code Issues Projects Releases Wiki Activity

Rev3415, Fix FireFox wrapper_nonce url injection

Browse source
This commit is contained in:
shortcutme 2018-04-18 21:40:29 +02:00
parent fd842c43a6
commit 3beab611a3
No known key found for this signature in database
GPG key ID: 5B63BAE6CB9613AE
2 changed files with 2 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/Config.py
View file

@ -10,7 +10,7 @@ class Config(object):
def __init__(self, argv):
self.version = "0.6.2"
self.rev = 3412
self.rev = 3415
self.argv = argv
self.action = None
self.config_file = "zeronet.conf"

3
src/Ui/template/wrapper.html
View file

@ -17,7 +17,7 @@
<script>
// If we are inside iframe escape from it
if (window.self !== window.top) {
window.open(window.location.toString(), "_top");
window.open(window.location.toString().replace(/([&?])wrapper=False/, "$1").replace(/&$/, "").replace(/[&?]wrapper_nonce=[A-Za-z0-9]+/, ""), "_top");
document.write("Escaping from iframe...");
window.stop();
document.execCommand("Stop", false);
@ -64,7 +64,6 @@ else if (window.opener && window.opener.location.toString()) {
<!-- Site info -->
<script id="script_init">
document.getElementById("inner-iframe").src = "about:blank"
document.getElementById("inner-iframe").src = "{file_url}{query_string}"
address = "{address}"
wrapper_nonce = "{wrapper_nonce}"