react

mirror of https://github.com/facebook/react.git synced 2025-11-01 09:12:30 +00:00

Files

T

Renan Valentin f00be84b81 fix(react-dom): access iframe contentWindow instead of contentDocument (#15099 )

MDN has a list of methods for obtaining the window reference of an
iframe:

https://developer.mozilla.org/en-US/docs/Web/API/Window/postMessage#Syntax

fix(react-dom): check if iframe belongs to the same origin

Accessing the contentDocument of a HTMLIframeElement can cause the browser
to throw, e.g. if it has a cross-origin src attribute.
Safari will show an error in the console when the access results in "Blocked a frame with origin". e.g:

```javascript
try {
 $0.contentDocument.defaultView
} catch (err) {
  console.log('err', err)
}

> Blocked a frame with origin X from accessing a frame with origin Y. Protocols, domains, and ports must match.
> err – TypeError: null is not an object (evaluating '$0.contentDocument.defaultView')
```

A safety way is to access one of the cross origin properties: Window or Location
Which might result in "SecurityError" DOM Exception and it is compatible to Safari.

```javascript
try {
 $0.contentWindow.location.href
} catch (err) {
 console.log('err', err)
}

> err – SecurityError: Blocked a frame with origin "http://localhost:3001" from accessing a cross-origin frame. Protocols, domains, and ports must match.
```

https://html.spec.whatwg.org/multipage/browsers.html#integration-with-idl

2019-03-27 08:45:32 -07:00

create-subscription

Release 16.8.5

2019-03-22 16:42:00 +00:00

eslint-plugin-react-hooks

Turning off eslint-plugin-react-hooks for the upcoming patch release

2019-03-05 14:35:53 -08:00

events

Remove unused simulated flag parameter (#14127 )

2018-11-06 17:33:01 -08:00

jest-mock-scheduler

Add directory details to the package.json of all packages (#14628 )