Skip to content

Commit 94bd6a8

Browse files
turtledreamsturtledreams
authored
Merge pull request #36 from Countly/content-whitelist
Content Whitelisting
2 parents 6c82149 + 2dfa965 commit 94bd6a8

File tree

2 files changed

+11
-1
lines changed

2 files changed

+11
-1
lines changed

CHANGELOG.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -9,6 +9,7 @@
99

1010
* Added `refreshContentZone` method to Content interface for refreshing Content Zone requests
1111
* Added `behavior_settings` init time method for providing server configuration during first initialization
12+
* Added `content_whitelist` init time method that lets you whitelist your other domains for diplaying Content
1213

1314
* `max_logs` config option value will not be used anymore (use `max_breadcrumb_count` instead)
1415

modules/CountlyClass.js

Lines changed: 10 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -390,6 +390,7 @@ class CountlyClass {
390390
this.storage = getConfig("storage", ob, "default");
391391
this.enableOrientationTracking = !isBrowser ? undefined : getConfig("enable_orientation_tracking", ob, true);
392392
this.heatmapWhitelist = getConfig("heatmap_whitelist", ob, []);
393+
this.contentWhitelist = getConfig("content_whitelist", ob, []);
393394
this.salt = getConfig("salt", ob, null);
394395
this.hcErrorCount = this.#getValueFromStorage(healthCheckCounterEnum.errorCount) || 0;
395396
this.hcWarningCount = this.#getValueFromStorage(healthCheckCounterEnum.warningCount) || 0;
@@ -439,6 +440,14 @@ class CountlyClass {
439440
}
440441
}
441442

443+
if (Array.isArray(this.contentWhitelist)) {
444+
this.contentWhitelist.push(this.url);
445+
this.contentWhitelist = this.contentWhitelist.map((e) => {
446+
// remove trailing slashes from the entries
447+
return stripTrailingSlash(e);
448+
});
449+
}
450+
442451
if ((this.passed_data && this.passed_data.app_key && this.passed_data.app_key === this.app_key) || (this.passed_data && !this.passed_data.app_key && this.#global)) {
443452
if (this.passed_data.token && this.passed_data.purpose) {
444453
if (this.passed_data.token !== this.#getValueFromStorage("cly_old_token")) {
@@ -4012,7 +4021,7 @@ class CountlyClass {
40124021
};
40134022

40144023
#interpretContentMessage = (messageEvent) => {
4015-
if (messageEvent.origin !== this.url) {
4024+
if (this.contentWhitelist.indexOf(messageEvent.origin) === -1) {
40164025
// this.#log(logLevelEnums.ERROR, "interpretContentMessage, Received message from invalid origin");
40174026
// silent ignore
40184027
return;

0 commit comments

Comments
 (0)