Projet

Général

Profil

0001-franceconnect-add-reverse-tabnabbing-protection-4321.patch

Thomas Noël, 22 mai 2020 11:04

Télécharger (1,24 ko)

Voir les différences: 

Subject: [PATCH] franceconnect: add reverse-tabnabbing protection (#43217)


 src/authentic2_auth_fc/static/authentic2_auth_fc/js/fc.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
src/authentic2_auth_fc/static/authentic2_auth_fc/js/fc.js
12 12 

  		




  13
  13
  
    
        var left = ((width / 2) - (w / 2)) + dualScreenLeft;

  		




  14
  14
  
    
        var top = ((height / 2) - (h / 2)) + dualScreenTop;

  		




  15
  
  
    
        var newWindow = window.open(url, title, 'location=0,status=0,menubar=0,toolbar=0,scrollbars=yes, width=' + w + ', height=' + h + ', top=' + top + ', left=' + left);

  		




  
  15
  
    
        var newWindow = window.open(url, title, 'noopener,noreferrer,location=0,status=0,menubar=0,toolbar=0,scrollbars=yes, width=' + w + ', height=' + h + ', top=' + top + ', left=' + left);

  		




  
  16
  
    
        newWindow.opener = null;

  		




  16
  17
  
    

  		




  17
  18
  
    
        // Puts focus on the newWindow

  		




  18
  19
  
    
        if (window.focus) {

  		




  19
  
  
    
-