lucidAuth/public/lucidAuth.setXDomainCookie.php

<?php
	error_reporting(E_ALL ^ E_NOTICE);

	include_once('../include/lucidAuth.functions.php');

    // Start with checking $_REQUEST['ref']
	// What do we need?
	//   token again?

	// approach 1:
	//   origin domain, so we can intersect with $settings->Session['CookieDomains'] and iterate through the remaining domains, serving them in one page (which contains iframes already)
	//   this might be slower because it means one additional roundtrip between client and server

	// approach 2:
	//   let the client setup multiple iframes for all domains other than origin domains
	//   this requires passing an array of domains to the client in asynchronous reply; which feels insecure

	if (!empty($_REQUEST['ref'])) {
		try {
			$queryString = json_decode(base64_decode($_REQUEST['ref']), JSON_OBJECT_AS_ARRAY);
		}
		catch (Exception $e) {
			// Silently fail, unless explicitly specified otherwise
			if ($settings->Debug['Verbose']) throw new Exception($e);
            exit;
		}

        switch ($queryString['action']) {
            case 'login':
                break;
            default:
                break;
        }
	}

	include_once('../include/lucidAuth.template.php');

	echo sprintf($pageLayout['bare'],
		'// iFrames go here'
	);
?>
Migrated IDE platform; accepting nonexisting diffs to make IDE happy 2019-02-27 20:39:31 +00:00			`<?php`
			`error_reporting(E_ALL ^ E_NOTICE);`

			`include_once('../include/lucidAuth.functions.php');`

Babysteps towards cross-domain-cookies-in-iframes 2019-03-13 09:59:12 +00:00			`// Start with checking $_REQUEST['ref']`
Migrated IDE platform; accepting nonexisting diffs to make IDE happy 2019-02-27 20:39:31 +00:00			`// What do we need?`
			`// token again?`

			`// approach 1:`
			`// origin domain, so we can intersect with $settings->Session['CookieDomains'] and iterate through the remaining domains, serving them in one page (which contains iframes already)`
			`// this might be slower because it means one additional roundtrip between client and server`

			`// approach 2:`
			`// let the client setup multiple iframes for all domains other than origin domains`
			`// this requires passing an array of domains to the client in asynchronous reply; which feels insecure`

Babysteps towards cross-domain-cookies-in-iframes 2019-03-13 09:59:12 +00:00			`if (!empty($_REQUEST['ref'])) {`
			`try {`
			`$queryString = json_decode(base64_decode($_REQUEST['ref']), JSON_OBJECT_AS_ARRAY);`
			`}`
			`catch (Exception $e) {`
			`// Silently fail, unless explicitly specified otherwise`
			`if ($settings->Debug['Verbose']) throw new Exception($e);`
			`exit;`
			`}`

			`switch ($queryString['action']) {`
			`case 'login':`
			`break;`
			`default:`
			`break;`
			`}`
			`}`

Migrated IDE platform; accepting nonexisting diffs to make IDE happy 2019-02-27 20:39:31 +00:00			`include_once('../include/lucidAuth.template.php');`

			`echo sprintf($pageLayout['bare'],`
			`'// iFrames go here'`
			`);`
Added nonfunctional workflow for crossdomain cookies 2019-02-22 10:28:42 +00:00			`?>`