Babysteps towards cross-domain-cookies-in-iframes
This commit is contained in:
parent
0a5384f6a8
commit
a20f13ab7c
@ -13,7 +13,7 @@ $pageLayout['full'] = <<<'FULL'
|
|||||||
<link href="misc/style.css" rel="stylesheet" />
|
<link href="misc/style.css" rel="stylesheet" />
|
||||||
<link href="misc/style.theme.css" rel="stylesheet" />
|
<link href="misc/style.theme.css" rel="stylesheet" />
|
||||||
<link href="misc/style.button.css" rel="stylesheet" />
|
<link href="misc/style.button.css" rel="stylesheet" />
|
||||||
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.js"></script>
|
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.js"></script>
|
||||||
<script src="misc/script.translation.js"></script>
|
<script src="misc/script.translation.js"></script>
|
||||||
</head>
|
</head>
|
||||||
<body>
|
<body>
|
||||||
@ -79,7 +79,7 @@ $pageLayout['bare'] = <<<'BARE'
|
|||||||
<meta charset="utf-8" />
|
<meta charset="utf-8" />
|
||||||
<title>lucidAuth</title>
|
<title>lucidAuth</title>
|
||||||
<meta name="application-name" content="lucidAuth" />
|
<meta name="application-name" content="lucidAuth" />
|
||||||
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.js"></script>
|
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.js"></script>
|
||||||
<script src="misc/script.iframe.js"></script>
|
<script src="misc/script.iframe.js"></script>
|
||||||
</head>
|
</head>
|
||||||
<body>
|
<body>
|
||||||
@ -119,7 +119,7 @@ LOGIN;
|
|||||||
$contentLayout['manage']['header'] = <<<'MANAGE_HEADER'
|
$contentLayout['manage']['header'] = <<<'MANAGE_HEADER'
|
||||||
<script src="misc/script.editable.table.js"></script>
|
<script src="misc/script.editable.table.js"></script>
|
||||||
<script src="misc/script.manage.js"></script>
|
<script src="misc/script.manage.js"></script>
|
||||||
<span id="user"><span data-translation="span_loggedinas">Logged in as</span> %1$s --- [<a id="linklanguage-en" href="#" tabindex="700">EN</a> <a id="linklanguage-nl" class="current" href="#" tabindex="700">NL</a>] [<a href="#" tabindex="800" data-translation="link_logout">Logout</a>]</span>
|
<span id="user"><span data-translation="span_loggedinas">Logged in as</span> %1$s --- [<a id="linklanguage-en" class="current" href="#" tabindex="700">EN</a> <a id="linklanguage-nl" href="#" tabindex="700">NL</a>] [<a id="linklogout" href="#" tabindex="800" data-translation="link_logout">Logout</a>]</span>
|
||||||
<ul style="clear: both; margin-top: 20px;">
|
<ul style="clear: both; margin-top: 20px;">
|
||||||
<li class="buttons">
|
<li class="buttons">
|
||||||
<button id="btnnewuser" class="bttn-simple bttn-xs bttn-primary" data-translation="button_new">new</button>
|
<button id="btnnewuser" class="bttn-simple bttn-xs bttn-primary" data-translation="button_new">new</button>
|
||||||
|
@ -3,8 +3,7 @@
|
|||||||
|
|
||||||
include_once('../include/lucidAuth.functions.php');
|
include_once('../include/lucidAuth.functions.php');
|
||||||
|
|
||||||
|
// Start with checking $_REQUEST['ref']
|
||||||
// Start with checking $_REQUEST['ref']
|
|
||||||
// What do we need?
|
// What do we need?
|
||||||
// token again?
|
// token again?
|
||||||
|
|
||||||
@ -16,6 +15,24 @@
|
|||||||
// let the client setup multiple iframes for all domains other than origin domains
|
// let the client setup multiple iframes for all domains other than origin domains
|
||||||
// this requires passing an array of domains to the client in asynchronous reply; which feels insecure
|
// this requires passing an array of domains to the client in asynchronous reply; which feels insecure
|
||||||
|
|
||||||
|
if (!empty($_REQUEST['ref'])) {
|
||||||
|
try {
|
||||||
|
$queryString = json_decode(base64_decode($_REQUEST['ref']), JSON_OBJECT_AS_ARRAY);
|
||||||
|
}
|
||||||
|
catch (Exception $e) {
|
||||||
|
// Silently fail, unless explicitly specified otherwise
|
||||||
|
if ($settings->Debug['Verbose']) throw new Exception($e);
|
||||||
|
exit;
|
||||||
|
}
|
||||||
|
|
||||||
|
switch ($queryString['action']) {
|
||||||
|
case 'login':
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
include_once('../include/lucidAuth.template.php');
|
include_once('../include/lucidAuth.template.php');
|
||||||
|
|
||||||
echo sprintf($pageLayout['bare'],
|
echo sprintf($pageLayout['bare'],
|
||||||
|
@ -22,9 +22,9 @@ $(document).ready(function(){
|
|||||||
.append($('<td>', {
|
.append($('<td>', {
|
||||||
class: 'immutable',
|
class: 'immutable',
|
||||||
html: '<button class="bttn-simple bttn-xs bttn-primary disabled" data-translation="button_sessions" disabled="true">' +
|
html: '<button class="bttn-simple bttn-xs bttn-primary disabled" data-translation="button_sessions" disabled="true">' +
|
||||||
locales[(localStorage.getItem('language') !== null ? localStorage.getItem('language') : 'nl')]['button_sessions'] + '</button> ' +
|
locales[(localStorage.getItem('language') !== null ? localStorage.getItem('language') : 'en')]['button_sessions'] + '</button> ' +
|
||||||
'<button class="bttn-simple bttn-xs bttn-primary delete" data-translation="button_delete">' +
|
'<button class="bttn-simple bttn-xs bttn-primary delete" data-translation="button_delete">' +
|
||||||
locales[(localStorage.getItem('language') !== null ? localStorage.getItem('language') : 'nl')]['button_delete'] +
|
locales[(localStorage.getItem('language') !== null ? localStorage.getItem('language') : 'en')]['button_delete'] +
|
||||||
'</button>'
|
'</button>'
|
||||||
}))
|
}))
|
||||||
);
|
);
|
||||||
@ -69,6 +69,10 @@ console.log({'new': newEntries, 'removed': removedEntries});
|
|||||||
window.location.reload();
|
window.location.reload();
|
||||||
});
|
});
|
||||||
|
|
||||||
|
$('#linklogout').click(function() {
|
||||||
|
console.log('Logging out!');
|
||||||
|
});
|
||||||
|
|
||||||
if (localStorage.getItem('theme') !== null) {
|
if (localStorage.getItem('theme') !== null) {
|
||||||
$('#theme').addClass(localStorage.getItem('theme'));
|
$('#theme').addClass(localStorage.getItem('theme'));
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user