@firebase/auth 1.6.2-canary.1eb302f5a → 1.6.2-canary.9ca1a4e4f

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (42) hide show
  1. package/dist/browser-cjs/{index-c83b671a.js → index-4bb741aa.js} +13 -8
  2. package/dist/{esm2017/index-0618d52e.js.map → browser-cjs/index-4bb741aa.js.map} +1 -1
  3. package/dist/browser-cjs/index.js +1 -1
  4. package/dist/browser-cjs/internal.js +1 -1
  5. package/dist/cordova/index.js +2 -2
  6. package/dist/cordova/internal.js +15 -10
  7. package/dist/cordova/internal.js.map +1 -1
  8. package/dist/cordova/{popup_redirect-b062de71.js → popup_redirect-e6ea1b98.js} +2 -2
  9. package/dist/cordova/{popup_redirect-b062de71.js.map → popup_redirect-e6ea1b98.js.map} +1 -1
  10. package/dist/esm2017/{index-0618d52e.js → index-7b6b96fc.js} +13 -8
  11. package/dist/{browser-cjs/index-c83b671a.js.map → esm2017/index-7b6b96fc.js.map} +1 -1
  12. package/dist/esm2017/index.js +1 -1
  13. package/dist/esm2017/internal.js +2 -2
  14. package/dist/esm5/{index-b795af8f.js → index-34b18b0c.js} +15 -10
  15. package/dist/esm5/{index-b795af8f.js.map → index-34b18b0c.js.map} +1 -1
  16. package/dist/esm5/index.js +1 -1
  17. package/dist/esm5/internal.js +2 -2
  18. package/dist/index.webworker.esm5.js +1 -1
  19. package/dist/node/index.js +1 -1
  20. package/dist/node/internal.js +1 -1
  21. package/dist/node/{totp-7df9dd11.js → totp-52ef78b2.js} +2 -2
  22. package/dist/node/{totp-7df9dd11.js.map → totp-52ef78b2.js.map} +1 -1
  23. package/dist/node-esm/index.js +1 -1
  24. package/dist/node-esm/internal.js +2 -2
  25. package/dist/node-esm/{totp-979f9b94.js → totp-731b74ae.js} +2 -2
  26. package/dist/node-esm/{totp-979f9b94.js.map → totp-731b74ae.js.map} +1 -1
  27. package/dist/rn/{index-f3976797.js → index-bb64bc87.js} +2 -2
  28. package/dist/rn/{index-f3976797.js.map → index-bb64bc87.js.map} +1 -1
  29. package/dist/rn/index.js +1 -1
  30. package/dist/rn/internal.js +14 -9
  31. package/dist/rn/internal.js.map +1 -1
  32. package/dist/web-extension-cjs/index.js +1 -1
  33. package/dist/web-extension-cjs/internal.js +12 -7
  34. package/dist/web-extension-cjs/internal.js.map +1 -1
  35. package/dist/web-extension-cjs/{register-5cf45fcf.js → register-715e1b3d.js} +2 -2
  36. package/dist/web-extension-cjs/{register-5cf45fcf.js.map → register-715e1b3d.js.map} +1 -1
  37. package/dist/web-extension-esm2017/index.js +2 -2
  38. package/dist/web-extension-esm2017/internal.js +13 -8
  39. package/dist/web-extension-esm2017/internal.js.map +1 -1
  40. package/dist/web-extension-esm2017/{register-bd5654eb.js → register-c8de982b.js} +2 -2
  41. package/dist/web-extension-esm2017/{register-bd5654eb.js.map → register-c8de982b.js.map} +1 -1
  42. package/package.json +7 -7
package/dist/rn/index.js CHANGED
@@ -3,7 +3,7 @@
3
3
  Object.defineProperty(exports, '__esModule', { value: true });
4
4
 
5
5
  var app = require('@firebase/app');
6
- var index = require('./index-f3976797.js');
6
+ var index = require('./index-bb64bc87.js');
7
7
  var tslib = require('tslib');
8
8
  require('@firebase/util');
9
9
  require('@firebase/component');
package/dist/rn/internal.js CHANGED
@@ -2,7 +2,7 @@
2
2
 
3
3
  Object.defineProperty(exports, '__esModule', { value: true });
4
4
 
5
- var index = require('./index-f3976797.js');
5
+ var index = require('./index-bb64bc87.js');
6
6
  var tslib = require('tslib');
7
7
  var util = require('@firebase/util');
8
8
  var app = require('@firebase/app');
@@ -3010,14 +3010,19 @@ function getAuth(app$1) {
3010
3010
  ]
3011
3011
  });
3012
3012
  var authTokenSyncPath = util.getExperimentalSetting('authTokenSyncURL');
3013
- // Don't allow urls (XSS possibility), only paths on the same domain
3014
- // (starting with a single '/')
3015
- if (authTokenSyncPath && authTokenSyncPath.match(/^\/[^\/].*/)) {
3016
- var mintCookie_1 = mintCookieFactory(authTokenSyncPath);
3017
- index.beforeAuthStateChanged(auth, mintCookie_1, function () {
3018
- return mintCookie_1(auth.currentUser);
3019
- });
3020
- index.onIdTokenChanged(auth, function (user) { return mintCookie_1(user); });
3013
+ // Only do the Cookie exchange in a secure context
3014
+ if (authTokenSyncPath &&
3015
+ typeof isSecureContext === 'boolean' &&
3016
+ isSecureContext) {
3017
+ // Don't allow urls (XSS possibility), only paths on the same domain
3018
+ var authTokenSyncUrl = new URL(authTokenSyncPath, location.origin);
3019
+ if (location.origin === authTokenSyncUrl.origin) {
3020
+ var mintCookie_1 = mintCookieFactory(authTokenSyncUrl.toString());
3021
+ index.beforeAuthStateChanged(auth, mintCookie_1, function () {
3022
+ return mintCookie_1(auth.currentUser);
3023
+ });
3024
+ index.onIdTokenChanged(auth, function (user) { return mintCookie_1(user); });
3025
+ }
3021
3026
  }
3022
3027
  var authEmulatorHost = util.getDefaultEmulatorHost('auth');
3023
3028
  if (authEmulatorHost) {