FATAL: prevent cross-origin error in iframe if Xerte itself is in iframe

To be able to track standalone pages there is some cod eto check if parent exists and if a certain attribute is set. This gives a DOMException and cross-origin error if Xerte itelf is embedded in en iframe, because than parent exists, but you are not allowed to inspect an attribute. Solution is to wrap those checks in a try block and catch the exception.
thexerteproject · Apr 18, 2023 · e46a9f6 · e46a9f6
1 parent 34af480
commit e46a9f6
Show file tree

Hide file tree

Showing 8 changed files with 619 additions and 586 deletions.
diff --git a/modules/site/parent_templates/site/common/js/xttracking_noop.js b/modules/site/parent_templates/site/common/js/xttracking_noop.js
@@ -953,20 +953,21 @@ var state = new NoopTrackingState();
 // Enable debugging for now
 state.debug = true;
 
-function XTInitialise(category)
-{
+function XTInitialise(category) {
     // Tom Reijnders 2022-10-06: Trying to handle tracking of standalone pages where the page is a page of the same LO
     // Specifically when the standalone page is shown in a lightbox
     // We make use of the fact that in javascript, assigning a variable is done through reference, so we actually
     // point the state variable (of the standalone page) to the parent state variable (of the main LO)
-    if (parent != self && parent.x_TemplateId != undefined && parent.x_TemplateId == x_TemplateId && parent.state != undefined) {
-        state = parent.state;
-    }
-    else {
-        if (!state.initialised) {
-            state.initialised = true;
-            state.initialise();
+    try {
+        if (parent != self && parent.x_TemplateId != undefined && parent.x_TemplateId == x_TemplateId && parent.state != undefined) {
+            state = parent.state;
         }
+    } catch (e) {
+        // Do nothing
+    }
+    if (!state.initialised) {
+        state.initialised = true;
+        state.initialise();
     }
 }