🚀 Socket Launch Week Day 5:Introducing Repository Access Permissions and Custom Roles.Learn more →
ifapi - npm Package Compare versions
+31
-6
@@ -5,3 +5,3 @@ export * from "./legacy-version.js"; | ||
| try { | ||
| window.parent.postMessage(JSON.stringify(resp), "*"); | ||
| window.parent.postMessage(JSON.stringify(resp), window.parent.location.origin); | ||
| } | ||
@@ -35,5 +35,25 @@ catch (e) { | ||
| } | ||
| function getIframeOrigin(frame) { | ||
| if (!frame || !frame.src) | ||
| return ""; | ||
| const url = new URL(frame.src); | ||
| return url.origin; | ||
| } | ||
| function isFromIframe(e) { | ||
| if (!e || !e.origin) | ||
| return false; | ||
| const iframes = document.querySelectorAll("iframe"); | ||
| const source = e.origin; | ||
| for (const f of iframes) { | ||
| const origin = getIframeOrigin(f); | ||
| if (origin === source) | ||
| return true; | ||
| } | ||
| return false; | ||
| } | ||
| // 暴露API接口供业务系统调用 | ||
| export function expose(apiHandlers, originVertify) { | ||
| function listener(e) { | ||
| if (!e || !e.origin || e.origin !== window.parent.location.origin) | ||
| return; | ||
| let data = null; | ||
@@ -72,2 +92,4 @@ try { | ||
| export function callMethodResponseListener(e) { | ||
| if (!isFromIframe(e)) | ||
| return; | ||
| let resp = null; | ||
@@ -97,6 +119,5 @@ try { | ||
| return new Promise((resolve, reject) => { | ||
| var _a; | ||
| const frame = window.frames[frameID]; | ||
| if (!frame) { | ||
| reject(`iframe not found: ${frameID}`); | ||
| if (!frame || !frame.contentWindow || !frame.src) { | ||
| reject(`iframe or the src attribute of the iframe does not exist: ${frameID}`); | ||
| return; | ||
@@ -107,3 +128,4 @@ } | ||
| const requestData = { id, actionName, params, eventType: EventType.callMethodRequest }; | ||
| (_a = frame.contentWindow) === null || _a === void 0 ? void 0 : _a.postMessage(JSON.stringify(requestData), frame.src); | ||
| const target = getIframeOrigin(frame); | ||
| frame.contentWindow.postMessage(JSON.stringify(requestData), target); | ||
| }); | ||
@@ -114,3 +136,4 @@ } | ||
| try { | ||
| window.parent.postMessage(JSON.stringify(event), "*"); | ||
| const target = window.parent.location.origin; | ||
| window.parent.postMessage(JSON.stringify(event), target); | ||
| } | ||
@@ -123,2 +146,4 @@ catch (error) { | ||
| function listener(e) { | ||
| if (!isFromIframe(e)) | ||
| return; | ||
| let req = null; | ||
@@ -125,0 +150,0 @@ try { |
+27
-5
@@ -6,3 +6,3 @@ export * from "./legacy-version.js"; | ||
| try { | ||
| window.parent.postMessage(JSON.stringify(resp), "*"); | ||
| window.parent.postMessage(JSON.stringify(resp), window.parent.location.origin); | ||
| } catch (e) { | ||
@@ -58,5 +58,23 @@ return; | ||
| function getIframeOrigin(frame: HTMLIFrameElement | null): string { | ||
| if (!frame || !frame.src) return ""; | ||
| const url = new URL(frame.src); | ||
| return url.origin; | ||
| } | ||
| function isFromIframe(e: any): boolean { | ||
| if (!e || !e.origin) return false; | ||
| const iframes = document.querySelectorAll("iframe"); | ||
| const source = e.origin; | ||
| for (const f of iframes) { | ||
| const origin = getIframeOrigin(f); | ||
| if (origin === source) return true; | ||
| } | ||
| return false; | ||
| } | ||
| // 暴露API接口供业务系统调用 | ||
| export function expose(apiHandlers: Record<string, Function>, originVertify?: (origin: string) => boolean) { | ||
| function listener(e: any) { | ||
| if (!e || !e.origin || e.origin !== window.parent.location.origin) return; | ||
| let data: IframeRequest | null = null; | ||
@@ -97,2 +115,3 @@ try { | ||
| export function callMethodResponseListener(e: any) { | ||
| if (!isFromIframe(e)) return; | ||
| let resp: IframeResponse | null = null; | ||
@@ -121,4 +140,4 @@ try { | ||
| const frame: HTMLIFrameElement = (window.frames as any)[frameID]; | ||
| if (!frame) { | ||
| reject(`iframe not found: ${frameID}`); | ||
| if (!frame || !frame.contentWindow || !frame.src) { | ||
| reject(`iframe or the src attribute of the iframe does not exist: ${frameID}`); | ||
| return; | ||
@@ -129,3 +148,4 @@ } | ||
| const requestData: IframeRequest = { id, actionName, params, eventType: EventType.callMethodRequest }; | ||
| frame.contentWindow?.postMessage(JSON.stringify(requestData), frame.src); | ||
| const target = getIframeOrigin(frame); | ||
| frame.contentWindow.postMessage(JSON.stringify(requestData), target); | ||
| }); | ||
@@ -137,3 +157,4 @@ } | ||
| try { | ||
| window.parent.postMessage(JSON.stringify(event), "*"); | ||
| const target = window.parent.location.origin; | ||
| window.parent.postMessage(JSON.stringify(event), target); | ||
| } catch (error) { | ||
@@ -146,2 +167,3 @@ return; | ||
| function listener(e: any) { | ||
| if (!isFromIframe(e)) return; | ||
| let req: IframeEvent | null = null; | ||
@@ -148,0 +170,0 @@ try { |
+1
-1
| { | ||
| "name": "ifapi", | ||
| "version": "2.0.2", | ||
| "version": "3.0.0", | ||
| "type": "module", | ||
@@ -5,0 +5,0 @@ "main": "main.js", |
No alert changes
Improved metrics
- Total package byte prevSize
15992
11.01%- Lines of code
397
12.78%No dependency changes