Kraut.World/server
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
3111 commits 21 branches 1 tag 47 MiB
Commit graph

14 commits

Author SHA1 Message Date
David Négrier
41fd848fa0 Fixed potential injection by switching map container to PHP 
Some HTML files were importing iframe_api.js automatically by detecting the referrer document.

While this was done in a safe way (the map container does not use cookies), it is not
a best practice to load a script originating from document.referrer.

This PR solves the issue by using PHP to inject the correct domain name in the HTML files.
 2021-11-29 19:05:13 +01:00
David Négrier
303d2a7837 Adding a warning regarding the "controlled" XSS in iframe.html 2021-06-28 13:55:17 +02:00
David Négrier
330a795fee Trying to find iframe_api.js URL script dynamically 
This would allow us to have tests that don't rely on the iframe_api.js from prod, and would allow scripts that target the correct iframe API, no matter if they are running on workadventu.re or on self-hosted maps.
 2021-06-28 11:51:13 +02:00
GRL
8f21ea8385 suppression last line of loadtileset 2021-05-28 14:33:16 +02:00
GRL
3506063e65 first step on loading a tileset from a script 2021-05-20 17:09:10 +02:00
GRL
96545c618a Adding maps for test metadata 
Documentation of metadata functions/methods
 2021-05-20 08:58:05 +02:00
GRL
ce0a72c6ce Merge branch 'menu-command-api' of github.com:jonnytest1/workadventure into metadataScriptingApi 2021-05-19 09:36:11 +02:00
GRL
43aad4ab14 phaserLayers managed by Gamemap 
Implementation of LayersFlattener
Implementation of Setting properties of a layer form script
Update show/hide layer form script
Update unit test of LayersIteratorTest
 2021-05-12 14:30:12 +02:00
GRL
973b3405ef documentation of show/hide layer 2021-05-10 15:10:11 +02:00
GRL
8edd29abaa suppression console.log 2021-05-10 14:43:00 +02:00
GRL
cd2d090a8b Merge branch 'develop' of github.com:thecodingmachine/workadventure into metadataScriptingApi 2021-05-10 11:46:16 +02:00
GRL
a6ba8d41b9 implement show/hide layer with scripting 2021-05-10 11:19:18 +02:00
David Négrier
e927e0fa16 Adding ability to listen to user types chat messages using WA.onChatMessage 2021-03-06 15:26:07 +01:00
David Négrier
eb93a04341 Adding an API for inter-iframe communication 
Adds a first version of an API to communicate between an iFrame opened by WorkAdventure and WorkAdventure itself.
The first API method is a method allowing to add messages in the chat, from the iFrame.

Comes with a test file.
 2021-03-04 19:00:00 +01:00