HelloZeroNet
/
ZeroNet
mirror of https://github.com/HelloZeroNet/ZeroNet.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Rev378, Wrapper securty fix by deny opener

This commit is contained in:
HelloZeroNet 2015-09-09 01:44:27 +02:00
parent 00940797c8
commit eec0b22c1f
2 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/Config.py
View File

@ -8,7 +8,7 @@ class Config(object):
def __init__(self, argv):
self.version = "0.3.2"
self.rev = 377
self.rev = 378
self.argv = argv
self.action = None
self.createParser()

5
src/Ui/template/wrapper.html
View File

@ -15,6 +15,11 @@
// If we are inside iframe escape from it
if (window.self !== window.top) window.open(window.location.toString(), "_top");
if (window.self !== window.top) window.stop();
// Dont allow site to load in a popup
if (window.opener) document.write("Opener not allowed")
if (window.opener && document.execCommand) document.execCommand("Stop", false)
if (window.opener && window.stop) window.stop()
</script>
<div class="progressbar">