You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@myfaces.apache.org by lo...@apache.org on 2015/02/11 11:10:43 UTC

svn commit: r1658912 - /myfaces/tobago/trunk/tobago-theme/tobago-theme-standard/src/main/resources/org/apache/myfaces/tobago/renderkit/html/standard/standard/script/tobago.js

Author: lofwyr
Date: Wed Feb 11 10:10:43 2015
New Revision: 1658912

URL: http://svn.apache.org/r1658912
Log:
TOBAGO-1441: The clickjacking / frame attack - protection should give a visible feedback

Modified:
    myfaces/tobago/trunk/tobago-theme/tobago-theme-standard/src/main/resources/org/apache/myfaces/tobago/renderkit/html/standard/standard/script/tobago.js

Modified: myfaces/tobago/trunk/tobago-theme/tobago-theme-standard/src/main/resources/org/apache/myfaces/tobago/renderkit/html/standard/standard/script/tobago.js
URL: http://svn.apache.org/viewvc/myfaces/tobago/trunk/tobago-theme/tobago-theme-standard/src/main/resources/org/apache/myfaces/tobago/renderkit/html/standard/standard/script/tobago.js?rev=1658912&r1=1658911&r2=1658912&view=diff
==============================================================================
--- myfaces/tobago/trunk/tobago-theme/tobago-theme-standard/src/main/resources/org/apache/myfaces/tobago/renderkit/html/standard/standard/script/tobago.js (original)
+++ myfaces/tobago/trunk/tobago-theme/tobago-theme-standard/src/main/resources/org/apache/myfaces/tobago/renderkit/html/standard/standard/script/tobago.js Wed Feb 11 10:10:43 2015
@@ -992,13 +992,15 @@ var Tobago = {
     if (self == top) {
       jQuery(".tobago-page-preventFrameAttacks").removeClass("tobago-page-preventFrameAttacks");
     } else {
-      var page = jQuery(".tobago-page");
-      page.attr("title", "This application can't be used embedded inside an other site " +
-      "(configuration: prevent-frame-attacks=true)!");
-      var image = jQuery("body>.tobago-page-overlayErrorPreloadedImage").clone();
-      image.appendTo(page);
-      image.removeClass("tobago-page-overlayErrorPreloadedImage");
-      image.css({margin: "20px"});
+      if (jQuery(".tobago-page-preventFrameAttacks").size() > 0) { // preventFrameAttacks is true
+        var page = jQuery(".tobago-page");
+        page.attr("title", "This application can't be used embedded inside an other site " +
+        "(configuration: prevent-frame-attacks=true)!");
+        var image = jQuery("body>.tobago-page-overlayErrorPreloadedImage").clone();
+        image.appendTo(page);
+        image.removeClass("tobago-page-overlayErrorPreloadedImage");
+        image.css({margin: "20px"});
+      }
     }
   },