Babysteps towards cross-domain-cookies-in-iframes
This commit is contained in:
parent
0a5384f6a8
commit
a20f13ab7c
@ -13,7 +13,7 @@ $pageLayout['full'] = <<<'FULL'
|
||||
<link href="misc/style.css" rel="stylesheet" />
|
||||
<link href="misc/style.theme.css" rel="stylesheet" />
|
||||
<link href="misc/style.button.css" rel="stylesheet" />
|
||||
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.js"></script>
|
||||
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.js"></script>
|
||||
<script src="misc/script.translation.js"></script>
|
||||
</head>
|
||||
<body>
|
||||
@ -79,7 +79,7 @@ $pageLayout['bare'] = <<<'BARE'
|
||||
<meta charset="utf-8" />
|
||||
<title>lucidAuth</title>
|
||||
<meta name="application-name" content="lucidAuth" />
|
||||
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.js"></script>
|
||||
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.js"></script>
|
||||
<script src="misc/script.iframe.js"></script>
|
||||
</head>
|
||||
<body>
|
||||
@ -119,7 +119,7 @@ LOGIN;
|
||||
$contentLayout['manage']['header'] = <<<'MANAGE_HEADER'
|
||||
<script src="misc/script.editable.table.js"></script>
|
||||
<script src="misc/script.manage.js"></script>
|
||||
<span id="user"><span data-translation="span_loggedinas">Logged in as</span> %1$s --- [<a id="linklanguage-en" href="#" tabindex="700">EN</a> <a id="linklanguage-nl" class="current" href="#" tabindex="700">NL</a>] [<a href="#" tabindex="800" data-translation="link_logout">Logout</a>]</span>
|
||||
<span id="user"><span data-translation="span_loggedinas">Logged in as</span> %1$s --- [<a id="linklanguage-en" class="current" href="#" tabindex="700">EN</a> <a id="linklanguage-nl" href="#" tabindex="700">NL</a>] [<a id="linklogout" href="#" tabindex="800" data-translation="link_logout">Logout</a>]</span>
|
||||
<ul style="clear: both; margin-top: 20px;">
|
||||
<li class="buttons">
|
||||
<button id="btnnewuser" class="bttn-simple bttn-xs bttn-primary" data-translation="button_new">new</button>
|
||||
|
@ -3,7 +3,6 @@
|
||||
|
||||
include_once('../include/lucidAuth.functions.php');
|
||||
|
||||
|
||||
// Start with checking $_REQUEST['ref']
|
||||
// What do we need?
|
||||
// token again?
|
||||
@ -16,6 +15,24 @@
|
||||
// let the client setup multiple iframes for all domains other than origin domains
|
||||
// this requires passing an array of domains to the client in asynchronous reply; which feels insecure
|
||||
|
||||
if (!empty($_REQUEST['ref'])) {
|
||||
try {
|
||||
$queryString = json_decode(base64_decode($_REQUEST['ref']), JSON_OBJECT_AS_ARRAY);
|
||||
}
|
||||
catch (Exception $e) {
|
||||
// Silently fail, unless explicitly specified otherwise
|
||||
if ($settings->Debug['Verbose']) throw new Exception($e);
|
||||
exit;
|
||||
}
|
||||
|
||||
switch ($queryString['action']) {
|
||||
case 'login':
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
include_once('../include/lucidAuth.template.php');
|
||||
|
||||
echo sprintf($pageLayout['bare'],
|
||||
|
@ -22,9 +22,9 @@ $(document).ready(function(){
|
||||
.append($('<td>', {
|
||||
class: 'immutable',
|
||||
html: '<button class="bttn-simple bttn-xs bttn-primary disabled" data-translation="button_sessions" disabled="true">' +
|
||||
locales[(localStorage.getItem('language') !== null ? localStorage.getItem('language') : 'nl')]['button_sessions'] + '</button> ' +
|
||||
locales[(localStorage.getItem('language') !== null ? localStorage.getItem('language') : 'en')]['button_sessions'] + '</button> ' +
|
||||
'<button class="bttn-simple bttn-xs bttn-primary delete" data-translation="button_delete">' +
|
||||
locales[(localStorage.getItem('language') !== null ? localStorage.getItem('language') : 'nl')]['button_delete'] +
|
||||
locales[(localStorage.getItem('language') !== null ? localStorage.getItem('language') : 'en')]['button_delete'] +
|
||||
'</button>'
|
||||
}))
|
||||
);
|
||||
@ -69,6 +69,10 @@ console.log({'new': newEntries, 'removed': removedEntries});
|
||||
window.location.reload();
|
||||
});
|
||||
|
||||
$('#linklogout').click(function() {
|
||||
console.log('Logging out!');
|
||||
});
|
||||
|
||||
if (localStorage.getItem('theme') !== null) {
|
||||
$('#theme').addClass(localStorage.getItem('theme'));
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user