diff --git a/src/background.ts b/src/background.ts index 2a27d06..2398e55 100644 --- a/src/background.ts +++ b/src/background.ts @@ -329,9 +329,10 @@ async function checkWebviewFocus() { const timeout = setTimeout(() => { resolve(false); // No response within 1 second, assume not focused }, 1000); + const targetOrigin = window.location.origin; // Send a message to check focus - window.postMessage({ action: "CHECK_FOCUS" }, "*"); + window.postMessage({ action: "CHECK_FOCUS" }, targetOrigin); // Listen for the response const handleMessage = (event) => { @@ -1277,14 +1278,16 @@ const getStoredData = async (key) => { export async function handleActiveGroupDataFromSocket({ groups, directs }) { try { + const targetOrigin = window.location.origin; + window.postMessage({ action: "SET_GROUPS", payload: groups, - }, "*"); + }, targetOrigin); window.postMessage({ action: "SET_DIRECTS", payload: directs, - }, "*"); + }, targetOrigin); groups = groups; directs = directs; @@ -2949,11 +2952,13 @@ export const checkNewMessages = async () => { ] }); } + const targetOrigin = window.location.origin; + const savedtimestampAfter = await getTimestampGroupAnnouncement(); window.postMessage({ action: "SET_GROUP_ANNOUNCEMENTS", payload: savedtimestampAfter, - }, "*"); + }, targetOrigin); } catch (error) { } finally { } @@ -3098,10 +3103,12 @@ export const checkThreads = async (bringBack) => { } const savedtimestampAfter = await getTimestampGroupAnnouncement(); + const targetOrigin = window.location.origin; + window.postMessage({ action: "SET_GROUP_ANNOUNCEMENTS", payload: savedtimestampAfter, - }, "*"); + }, targetOrigin); } catch (error) { } finally { } @@ -3141,16 +3148,17 @@ LocalNotifications.addListener('localNotificationActionPerformed', async (event) const type = extraData?.type; const from = extraData?.from; + const targetOrigin = window.location.origin; // Determine notification type based on `type` field if (type === 'direct') { - window.postMessage({ action: "NOTIFICATION_OPEN_DIRECT", payload: { from } }, "*"); + window.postMessage({ action: "NOTIFICATION_OPEN_DIRECT", payload: { from } }, targetOrigin); } else if (type === 'group') { - window.postMessage({ action: "NOTIFICATION_OPEN_GROUP", payload: { from } }, "*"); + window.postMessage({ action: "NOTIFICATION_OPEN_GROUP", payload: { from } }, targetOrigin); } else if (type === 'group-announcement') { - window.postMessage({ action: "NOTIFICATION_OPEN_ANNOUNCEMENT_GROUP", payload: { from } }, "*"); + window.postMessage({ action: "NOTIFICATION_OPEN_ANNOUNCEMENT_GROUP", payload: { from } }, targetOrigin); } else if (type === 'thread-post') { - window.postMessage({ action: "NOTIFICATION_OPEN_THREAD_NEW_POST", payload: { data: extraData?.data } }, "*"); + window.postMessage({ action: "NOTIFICATION_OPEN_THREAD_NEW_POST", payload: { data: extraData?.data } }, targetOrigin); } // Clear all notifications diff --git a/src/components/Apps/AppViewer.tsx b/src/components/Apps/AppViewer.tsx index 2aa71a8..01c487f 100644 --- a/src/components/Apps/AppViewer.tsx +++ b/src/components/Apps/AppViewer.tsx @@ -49,10 +49,10 @@ export const AppViewer = React.forwardRef(({ app , hide}, iframeRef) => { // Calculate the previous index and path const previousPageIndex = history.currentIndex - 1; const previousPath = history.customQDNHistoryPaths[previousPageIndex]; - + const targetOrigin = iframeRef.current ? new URL(iframeRef.current.src).origin : "*"; // Signal non-manual navigation iframeRef.current.contentWindow.postMessage( - { action: 'PERFORMING_NON_MANUAL', currentIndex: previousPageIndex }, '*' + { action: 'PERFORMING_NON_MANUAL', currentIndex: previousPageIndex }, targetOrigin ); // Update the current index locally changeCurrentIndex(previousPageIndex); @@ -73,10 +73,10 @@ export const AppViewer = React.forwardRef(({ app , hide}, iframeRef) => { window.removeEventListener('message', handleNavigationSuccess); reject(new Error("Navigation timeout")); }, 200); - + const targetOrigin = iframeRef.current ? new URL(iframeRef.current.src).origin : "*"; // Send the navigation command after setting up the listener and timeout iframeRef.current.contentWindow.postMessage( - { action: 'NAVIGATE_TO_PATH', path: previousPath, requestedHandler: 'UI' }, '*' + { action: 'NAVIGATE_TO_PATH', path: previousPath, requestedHandler: 'UI' }, targetOrigin ); }); @@ -111,11 +111,11 @@ export const AppViewer = React.forwardRef(({ app , hide}, iframeRef) => { // Function to navigate back in iframe const navigateForwardInIframe = async () => { - + const targetOrigin = iframeRef.current ? new URL(iframeRef.current.src).origin : "*"; if (iframeRef.current && iframeRef.current.contentWindow) { iframeRef.current.contentWindow.postMessage( { action: 'NAVIGATE_FORWARD'}, - '*' + targetOrigin ); } else { console.log('Iframe not accessible or does not have a content window.'); diff --git a/src/components/Apps/useQortalMessageListener.tsx b/src/components/Apps/useQortalMessageListener.tsx index 890cf29..acd5a8d 100644 --- a/src/components/Apps/useQortalMessageListener.tsx +++ b/src/components/Apps/useQortalMessageListener.tsx @@ -531,10 +531,11 @@ isDOMContentLoaded: false executeEvent("addTab", { data: event?.data?.payload }) + const targetOrigin = iframeRef.current ? new URL(iframeRef.current.src).origin : "*"; iframeRef.current.contentWindow.postMessage( { action: 'SET_TAB_SUCCESS', requestedHandler: 'UI',payload: { name: event?.data?.payload?.name - } }, '*' + } }, targetOrigin ); } diff --git a/src/messaging/messagesToBackground.tsx b/src/messaging/messagesToBackground.tsx index 2213d38..164bef5 100644 --- a/src/messaging/messagesToBackground.tsx +++ b/src/messaging/messagesToBackground.tsx @@ -28,9 +28,10 @@ export const sendMessageBackground = (action, data = {}, timeout = 60000, isExte return new Promise((resolve, reject) => { const requestId = generateRequestId(); // Unique ID for each request callbackMap.set(requestId, { resolve, reject }); // Store both resolve and reject callbacks + const targetOrigin = window.location.origin // Send the message with `backgroundMessage` type - window.postMessage({ type: "backgroundMessage", action, requestId, payload: data, isExtension }, "*"); + window.postMessage({ type: "backgroundMessage", action, requestId, payload: data, isExtension }, targetOrigin); // Set up a timeout to automatically reject if no response is received const timeoutId = setTimeout(() => { diff --git a/src/qortalRequests/get.ts b/src/qortalRequests/get.ts index b53fa5a..66ae7cb 100644 --- a/src/qortalRequests/get.ts +++ b/src/qortalRequests/get.ts @@ -208,9 +208,11 @@ function getFileFromContentScript(fileId) { fileRequestResolvers.set(requestId, { resolve, reject }); // Store resolvers by requestId // Send the request message + const targetOrigin = window.location.origin; + window.postMessage( { action: "getFileFromIndexedDB", fileId, requestId }, - "*" + targetOrigin ); // Timeout to handle no response scenario @@ -224,12 +226,6 @@ function getFileFromContentScript(fileId) { } -// function sendToSaveFilePicker(data) { -// window.postMessage({ -// action: "SHOW_SAVE_FILE_PICKER", -// payload: data, -// }, "*"); -// } const responseResolvers = new Map(); @@ -253,11 +249,12 @@ async function getUserPermission(payload, isFromExtension) { return new Promise((resolve) => { const requestId = `qortalRequest_${Date.now()}`; responseResolvers.set(requestId, resolve); // Store resolver by requestId + const targetOrigin = window.location.origin; // Send the request message window.postMessage( { action: "QORTAL_REQUEST_PERMISSION", payload, requestId, isFromExtension }, - "*" + targetOrigin ); // Optional timeout to handle no response scenario diff --git a/src/utils/indexedDB.ts b/src/utils/indexedDB.ts index ffcf38c..8348569 100644 --- a/src/utils/indexedDB.ts +++ b/src/utils/indexedDB.ts @@ -1,3 +1,6 @@ +import { openIndexedDB } from "../components/Apps/useQortalMessageListener"; +import { fileToBase64 } from "./fileReading"; + export async function handleGetFileFromIndexedDB(event) { try { const { fileId, requestId } = event.data; @@ -21,10 +24,11 @@ export async function handleGetFileFromIndexedDB(event) { deleteRequest.onsuccess = function () { try { - + const targetOrigin = window.location.origin; + window.postMessage( { action: "getFileFromIndexedDBResponse", requestId, result: base64String }, - "*" + targetOrigin ); } catch (error) { console.log('error', error) @@ -41,21 +45,24 @@ export async function handleGetFileFromIndexedDB(event) { result: null, error: "Failed to convert file to Base64", }); + const targetOrigin = window.location.origin; + window.postMessage( { action: "getFileFromIndexedDBResponse", requestId, result: null, error: "Failed to convert file to Base64" }, - "*" + targetOrigin ); } } else { console.error(`File with ID ${fileId} not found in IndexedDB`); - + const targetOrigin = window.location.origin; + window.postMessage( { action: "getFileFromIndexedDBResponse", requestId, result: null, error: 'File not found in IndexedDB' }, - "*" + targetOrigin ); } };