@stackable-labs/sdk-extension-host 1.88.0 → 1.89.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/dist/SandboxManager.d.ts +1 -0
  2. package/dist/SandboxManager.js +10 -1
  3. package/dist/SandboxManager.js.map +1 -1
  4. package/package.json +1 -1
package/dist/SandboxManager.d.ts CHANGED
@@ -7,6 +7,7 @@ export interface SandboxInstance {
7
7
  iframe: HTMLIFrameElement;
8
8
  manifest: ExtensionRegistryEntry['manifest'];
9
9
  ready: boolean;
10
+ expectedOrigin: string;
10
11
  messageHandlers: Set<(msg: SandboxToHostMessage) => void>;
11
12
  }
12
13
  /**
package/dist/SandboxManager.js CHANGED
@@ -33,6 +33,8 @@ export const createSandbox = async (entry, container) => {
33
33
  iframe.style.height = '0';
34
34
  iframe.style.border = 'none';
35
35
  const isLocalBundle = entry.bundleUrl.startsWith('http') && !entry.bundleUrl.endsWith('.js');
36
+ // srcdoc iframes have origin 'null' (literal string); dev-mode iframes have the dev server origin
37
+ const expectedOrigin = isLocalBundle ? new URL(entry.bundleUrl).origin : 'null';
36
38
  if (isLocalBundle) {
37
39
  // Dev mode: point iframe.src to a sandbox page served by the extension's dev server
38
40
  const devUrl = new URL(entry.bundleUrl);
@@ -72,10 +74,15 @@ export const createSandbox = async (entry, container) => {
72
74
  iframe,
73
75
  manifest: entry.manifest,
74
76
  ready: false,
77
+ expectedOrigin,
75
78
  messageHandlers: new Set(),
76
79
  };
77
80
  // Listen for messages from this sandbox
78
81
  const handleMessage = (event) => {
82
+ // Validate message origin matches expected sandbox origin
83
+ if (event.origin !== instance.expectedOrigin) {
84
+ return;
85
+ }
79
86
  const msg = event.data;
80
87
  if (!msg || typeof msg !== 'object' || !('type' in msg)) {
81
88
  return;
@@ -103,7 +110,9 @@ export const postToSandbox = (extensionId, message) => {
103
110
  console.warn(`Sandbox not found for extension: ${extensionId}`);
104
111
  return;
105
112
  }
106
- instance.iframe.contentWindow.postMessage(message, '*');
113
+ // srcdoc iframes have origin 'null' — postMessage requires '*' for null-origin targets
114
+ const targetOrigin = instance.expectedOrigin === 'null' ? '*' : instance.expectedOrigin;
115
+ instance.iframe.contentWindow.postMessage(message, targetOrigin);
107
116
  };
108
117
  /**
109
118
  * Get a sandbox instance by extension ID.
package/dist/SandboxManager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"SandboxManager.js","sourceRoot":"","sources":["../src/SandboxManager.ts"],"names":[],"mappings":"AAAA;;GAEG;AAOH,MAAM,UAAU,GAAG,GAAW,EAAE;IAC9B,IAAI,CAAC;QACH,OAAO,YAAY,IAAI,KAAK,CAAA;IAC9B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAA;IACd,CAAC;AACH,CAAC,CAAA;AAUD,MAAM,SAAS,GAAG,IAAI,GAAG,EAA2B,CAAA;AAEpD;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,KAAK,EAAE,KAA6B,EAAE,SAAsB,EAAmC,EAAE;IAC5H,MAAM,QAAQ,GAAG,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,CAAA;IACxC,IAAI,QAAQ,EAAE,CAAC;QACb,OAAO,QAAQ,CAAA;IACjB,CAAC;IAED,IAAI,CAAC,KAAK,CAAC,SAAS,EAAE,CAAC;QACrB,OAAO,CAAC,IAAI,CAAC,8BAA8B,KAAK,CAAC,EAAE,mDAAmD,CAAC,CAAA;QACvG,OAAO,IAAI,CAAA;IACb,CAAC;IAED,MAAM,MAAM,GAAG,QAAQ,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAA;IAC/C,MAAM,CAAC,YAAY,CAAC,SAAS,EAAE,iCAAiC,CAAC,CAAA;IACjE,MAAM,CAAC,KAAK,CAAC,OAAO,GAAG,MAAM,CAAA;IAC7B,MAAM,CAAC,KAAK,CAAC,KAAK,GAAG,GAAG,CAAA;IACxB,MAAM,CAAC,KAAK,CAAC,MAAM,GAAG,GAAG,CAAA;IACzB,MAAM,CAAC,KAAK,CAAC,MAAM,GAAG,MAAM,CAAA;IAE5B,MAAM,aAAa,GAAG,KAAK,CAAC,SAAS,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;IAE5F,IAAI,aAAa,EAAE,CAAC;QAClB,oFAAoF;QACpF,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA;QACvC,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,KAAK,CAAC,EAAE,CAAC,CAAA;QAClD,MAAM,CAAC,GAAG,GAAG,MAAM,CAAC,QAAQ,EAAE,CAAA;QAC9B,OAAO,CAAC,IAAI,CAAC,6CAA6C,KAAK,CAAC,EAAE,mDAAmD,MAAM,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAA;IAC3I,CAAC;SAAM,CAAC;QACN,2FAA2F;QAC3F,IAAI,UAAU,GAAG,EAAE,CAAA;QACnB,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,UAAU,EAAE,CAAA;YAC5B,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,KAAK,CAAC,SAAS,OAAO,OAAO,EAAE,CAAC,CAAA;YAC3D,UAAU,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAA;QAC/B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,+CAA+C,KAAK,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAA;QAChF,CAAC;QAED,MAAM,WAAW,GAAG;;;;;;;;2CAQmB,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,EAAE,CAAC;wBAC3C,UAAU;;QAE1B,CAAA;QACJ,MAAM,CAAC,MAAM,GAAG,WAAW,CAAA;QAC3B,OAAO,CAAC,IAAI,CAAC,gDAAgD,KAAK,CAAC,EAAE,yBAAyB,WAAW,CAAC,SAAS,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAA;IAChI,CAAC;IAED,SAAS,CAAC,WAAW,CAAC,MAAM,CAAC,CAAA;IAE7B,MAAM,QAAQ,GAAoB;QAChC,WAAW,EAAE,KAAK,CAAC,EAAE;QACrB,MAAM;QACN,QAAQ,EAAE,KAAK,CAAC,QAAQ;QACxB,KAAK,EAAE,KAAK;QACZ,eAAe,EAAE,IAAI,GAAG,EAAE;KAC3B,CAAA;IAED,wCAAwC;IACxC,MAAM,aAAa,GAAG,CAAC,KAAmB,EAAE,EAAE;QAC5C,MAAM,GAAG,GAAG,KAAK,CAAC,IAA4B,CAAA;QAC9C,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,CAAC,CAAC,MAAM,IAAI,GAAG,CAAC,EAAE,CAAC;YACxD,OAAM;QACR,CAAC;QAED,kEAAkE;QAClE,MAAM,QAAQ,GAAG,aAAa,IAAI,GAAG,CAAC,CAAC,CAAE,GAA+B,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAA;QAChG,IAAI,QAAQ,KAAK,KAAK,CAAC,EAAE,EAAE,CAAC;YAC1B,OAAM;QACR,CAAC;QAED,IAAI,GAAG,CAAC,IAAI,KAAK,iBAAiB,EAAE,CAAC;YACnC,QAAQ,CAAC,KAAK,GAAG,IAAI,CAAA;QACvB,CAAC;QAED,QAAQ,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAA;IAC7D,CAAC,CAAA;IAED,MAAM,CAAC,gBAAgB,CAAC,SAAS,EAAE,aAAa,CAAC,CAAA;IAEjD,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;IACjC,OAAO,QAAQ,CAAA;AACjB,CAAC,CAAA;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAAC,WAAmB,EAAE,OAA6B,EAAQ,EAAE;IACxF,MAAM,QAAQ,GAAG,SAAS,CAAC,GAAG,CAAC,WAAW,CAAC,CAAA;IAC3C,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,aAAa,EAAE,CAAC;QACpC,OAAO,CAAC,IAAI,CAAC,oCAAoC,WAAW,EAAE,CAAC,CAAA;QAC/D,OAAM;IACR,CAAC;IACD,QAAQ,CAAC,MAAM,CAAC,aAAa,CAAC,WAAW,CAAC,OAAO,EAAE,GAAG,CAAC,CAAA;AACzD,CAAC,CAAA;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,CAAC,WAAmB,EAA+B,EAAE,CAAC,SAAS,CAAC,GAAG,CAAC,WAAW,CAAC,CAAA;AAE1G;;GAEG;AACH,MAAM,CAAC,MAAM,cAAc,GAAG,CAAC,WAAmB,EAAQ,EAAE;IAC1D,MAAM,QAAQ,GAAG,SAAS,CAAC,GAAG,CAAC,WAAW,CAAC,CAAA;IAC3C,IAAI,QAAQ,EAAE,CAAC;QACb,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,CAAA;QACxB,QAAQ,CAAC,eAAe,CAAC,KAAK,EAAE,CAAA;QAChC,SAAS,CAAC,MAAM,CAAC,WAAW,CAAC,CAAA;IAC/B,CAAC;AACH,CAAC,CAAA;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG,GAAiC,EAAE,CAAC,SAAS,CAAA"}
1
+ {"version":3,"file":"SandboxManager.js","sourceRoot":"","sources":["../src/SandboxManager.ts"],"names":[],"mappings":"AAAA;;GAEG;AAOH,MAAM,UAAU,GAAG,GAAW,EAAE;IAC9B,IAAI,CAAC;QACH,OAAO,YAAY,IAAI,KAAK,CAAA;IAC9B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAA;IACd,CAAC;AACH,CAAC,CAAA;AAWD,MAAM,SAAS,GAAG,IAAI,GAAG,EAA2B,CAAA;AAEpD;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,KAAK,EAAE,KAA6B,EAAE,SAAsB,EAAmC,EAAE;IAC5H,MAAM,QAAQ,GAAG,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,CAAA;IACxC,IAAI,QAAQ,EAAE,CAAC;QACb,OAAO,QAAQ,CAAA;IACjB,CAAC;IAED,IAAI,CAAC,KAAK,CAAC,SAAS,EAAE,CAAC;QACrB,OAAO,CAAC,IAAI,CAAC,8BAA8B,KAAK,CAAC,EAAE,mDAAmD,CAAC,CAAA;QACvG,OAAO,IAAI,CAAA;IACb,CAAC;IAED,MAAM,MAAM,GAAG,QAAQ,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAA;IAC/C,MAAM,CAAC,YAAY,CAAC,SAAS,EAAE,iCAAiC,CAAC,CAAA;IACjE,MAAM,CAAC,KAAK,CAAC,OAAO,GAAG,MAAM,CAAA;IAC7B,MAAM,CAAC,KAAK,CAAC,KAAK,GAAG,GAAG,CAAA;IACxB,MAAM,CAAC,KAAK,CAAC,MAAM,GAAG,GAAG,CAAA;IACzB,MAAM,CAAC,KAAK,CAAC,MAAM,GAAG,MAAM,CAAA;IAE5B,MAAM,aAAa,GAAG,KAAK,CAAC,SAAS,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;IAC5F,kGAAkG;IAClG,MAAM,cAAc,GAAG,aAAa,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAA;IAE/E,IAAI,aAAa,EAAE,CAAC;QAClB,oFAAoF;QACpF,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,CAAA;QACvC,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,KAAK,CAAC,EAAE,CAAC,CAAA;QAClD,MAAM,CAAC,GAAG,GAAG,MAAM,CAAC,QAAQ,EAAE,CAAA;QAC9B,OAAO,CAAC,IAAI,CAAC,6CAA6C,KAAK,CAAC,EAAE,mDAAmD,MAAM,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAA;IAC3I,CAAC;SAAM,CAAC;QACN,2FAA2F;QAC3F,IAAI,UAAU,GAAG,EAAE,CAAA;QACnB,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,UAAU,EAAE,CAAA;YAC5B,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,KAAK,CAAC,SAAS,OAAO,OAAO,EAAE,CAAC,CAAA;YAC3D,UAAU,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAA;QAC/B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,+CAA+C,KAAK,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAA;QAChF,CAAC;QAED,MAAM,WAAW,GAAG;;;;;;;;2CAQmB,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,EAAE,CAAC;wBAC3C,UAAU;;QAE1B,CAAA;QACJ,MAAM,CAAC,MAAM,GAAG,WAAW,CAAA;QAC3B,OAAO,CAAC,IAAI,CAAC,gDAAgD,KAAK,CAAC,EAAE,yBAAyB,WAAW,CAAC,SAAS,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAA;IAChI,CAAC;IAED,SAAS,CAAC,WAAW,CAAC,MAAM,CAAC,CAAA;IAE7B,MAAM,QAAQ,GAAoB;QAChC,WAAW,EAAE,KAAK,CAAC,EAAE;QACrB,MAAM;QACN,QAAQ,EAAE,KAAK,CAAC,QAAQ;QACxB,KAAK,EAAE,KAAK;QACZ,cAAc;QACd,eAAe,EAAE,IAAI,GAAG,EAAE;KAC3B,CAAA;IAED,wCAAwC;IACxC,MAAM,aAAa,GAAG,CAAC,KAAmB,EAAE,EAAE;QAC5C,0DAA0D;QAC1D,IAAI,KAAK,CAAC,MAAM,KAAK,QAAQ,CAAC,cAAc,EAAE,CAAC;YAC7C,OAAM;QACR,CAAC;QAED,MAAM,GAAG,GAAG,KAAK,CAAC,IAA4B,CAAA;QAC9C,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,CAAC,CAAC,MAAM,IAAI,GAAG,CAAC,EAAE,CAAC;YACxD,OAAM;QACR,CAAC;QAED,kEAAkE;QAClE,MAAM,QAAQ,GAAG,aAAa,IAAI,GAAG,CAAC,CAAC,CAAE,GAA+B,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAA;QAChG,IAAI,QAAQ,KAAK,KAAK,CAAC,EAAE,EAAE,CAAC;YAC1B,OAAM;QACR,CAAC;QAED,IAAI,GAAG,CAAC,IAAI,KAAK,iBAAiB,EAAE,CAAC;YACnC,QAAQ,CAAC,KAAK,GAAG,IAAI,CAAA;QACvB,CAAC;QAED,QAAQ,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAA;IAC7D,CAAC,CAAA;IAED,MAAM,CAAC,gBAAgB,CAAC,SAAS,EAAE,aAAa,CAAC,CAAA;IAEjD,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAA;IACjC,OAAO,QAAQ,CAAA;AACjB,CAAC,CAAA;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,CAAC,WAAmB,EAAE,OAA6B,EAAQ,EAAE;IACxF,MAAM,QAAQ,GAAG,SAAS,CAAC,GAAG,CAAC,WAAW,CAAC,CAAA;IAC3C,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,aAAa,EAAE,CAAC;QACpC,OAAO,CAAC,IAAI,CAAC,oCAAoC,WAAW,EAAE,CAAC,CAAA;QAC/D,OAAM;IACR,CAAC;IACD,uFAAuF;IACvF,MAAM,YAAY,GAAG,QAAQ,CAAC,cAAc,KAAK,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,cAAc,CAAA;IACvF,QAAQ,CAAC,MAAM,CAAC,aAAa,CAAC,WAAW,CAAC,OAAO,EAAE,YAAY,CAAC,CAAA;AAClE,CAAC,CAAA;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,CAAC,WAAmB,EAA+B,EAAE,CAAC,SAAS,CAAC,GAAG,CAAC,WAAW,CAAC,CAAA;AAE1G;;GAEG;AACH,MAAM,CAAC,MAAM,cAAc,GAAG,CAAC,WAAmB,EAAQ,EAAE;IAC1D,MAAM,QAAQ,GAAG,SAAS,CAAC,GAAG,CAAC,WAAW,CAAC,CAAA;IAC3C,IAAI,QAAQ,EAAE,CAAC;QACb,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,CAAA;QACxB,QAAQ,CAAC,eAAe,CAAC,KAAK,EAAE,CAAA;QAChC,SAAS,CAAC,MAAM,CAAC,WAAW,CAAC,CAAA;IAC/B,CAAC;AACH,CAAC,CAAA;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG,GAAiC,EAAE,CAAC,SAAS,CAAA"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@stackable-labs/sdk-extension-host",
3
- "version": "1.88.0",
3
+ "version": "1.89.0",
4
4
  "type": "module",
5
5
  "private": false,
6
6
  "main": "./dist/index.js",