File tree 1 file changed +11
-12
lines changed 1 file changed +11
-12
lines changed Original file line number Diff line number Diff line change @@ -9,17 +9,16 @@ Index: code-server/lib/vscode/src/vs/workbench/contrib/webview/browser/pre/main.
99===================================================================
1010--- code-server.orig/lib/vscode/src/vs/workbench/contrib/webview/browser/pre/main.js
1111+++ code-server/lib/vscode/src/vs/workbench/contrib/webview/browser/pre/main.js
12- @@ -339,12 +339,7 @@ const hostMessaging = new class HostMess
13- throw err instanceof Error ? err : new Error(String(err));
14- }
12+ @@ -317,6 +317,12 @@ const hostMessaging = new class HostMess
13+ const id = searchParams.get('id');
1514
16- - if (hostname === parentOriginHash || hostname.startsWith(parentOriginHash + '.')) {
17- - // validation succeeded!
18- - return start(parentOrigin);
19- - }
20- -
21- - throw new Error(`Expected '${parentOriginHash}' as hostname or subdomain!`);
22- + return start(parentOrigin);
23- }
24- }();
15+ const hostname = location.hostname;
16+ +
17+ + // It is safe to run if we are on the same host.
18+ + const parent = new URL(parentOrigin)
19+ + if (parent.hostname == location.hostname) {
20+ + return start(parentOrigin)
21+ + }
2522
23+ if (!crypto.subtle) {
24+ // cannot validate, not running in a secure context
You can’t perform that action at this time.
0 commit comments