@thewhateverapp/tile-sdk 0.3.0 → 0.3.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"TileBridge.d.ts","sourceRoot":"","sources":["../../src/bridge/TileBridge.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,CAAC,EAAE,GAAG,CAAC;IACd,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,UAAU;IACzB,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,GAAG,EAAE,MAAM,CAAA;KAAE,CAAC;IACvC,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,KAAK,CAAC,EAAE,OAAO,GAAG,MAAM,CAAC;IACzB,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB;AAED,qBAAa,UAAU;IACrB,OAAO,CAAC,MAAM,CAA2B;IACzC,OAAO,CAAC,YAAY,CAAqB;IACzC,OAAO,CAAC,gBAAgB,CAAmD;IAC3E,OAAO,CAAC,aAAa,CAAoD;IACzE,OAAO,CAAC,KAAK,CAAS;IACtB,OAAO,CAAC,YAAY,CAAS;gBAEjB,cAAc,GAAE,MAAkC;IA4B9D,OAAO,CAAC,UAAU;IAuBlB,OAAO,CAAC,aAAa;IAyCrB,OAAO,CAAC,YAAY;IAgBpB,OAAO,CAAC,cAAc;IAUtB,OAAO,CAAC,WAAW;IAInB,OAAO,CAAC,cAAc;IAuBtB,OAAO,CAAC,YAAY;IAmCpB;;OAEG;IACI,cAAc,IAAI,IAAI;
|
|
1
|
+
{"version":3,"file":"TileBridge.d.ts","sourceRoot":"","sources":["../../src/bridge/TileBridge.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,CAAC,EAAE,GAAG,CAAC;IACd,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,UAAU;IACzB,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,GAAG,EAAE,MAAM,CAAA;KAAE,CAAC;IACvC,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,KAAK,CAAC,EAAE,OAAO,GAAG,MAAM,CAAC;IACzB,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB;AAED,qBAAa,UAAU;IACrB,OAAO,CAAC,MAAM,CAA2B;IACzC,OAAO,CAAC,YAAY,CAAqB;IACzC,OAAO,CAAC,gBAAgB,CAAmD;IAC3E,OAAO,CAAC,aAAa,CAAoD;IACzE,OAAO,CAAC,KAAK,CAAS;IACtB,OAAO,CAAC,YAAY,CAAS;gBAEjB,cAAc,GAAE,MAAkC;IA4B9D,OAAO,CAAC,UAAU;IAuBlB,OAAO,CAAC,aAAa;IAyCrB,OAAO,CAAC,YAAY;IAgBpB,OAAO,CAAC,cAAc;IAUtB,OAAO,CAAC,WAAW;IAInB,OAAO,CAAC,cAAc;IAuBtB,OAAO,CAAC,YAAY;IAmCpB;;OAEG;IACI,cAAc,IAAI,IAAI;IAoB7B;;OAEG;IACI,cAAc,IAAI,IAAI;IAiB7B;;OAEG;IACI,OAAO,CAAC,GAAG,EAAE,MAAM,EAAE,MAAM,GAAE,QAAQ,GAAG,OAAkB,GAAG,IAAI;IAOxE;;OAEG;IACI,UAAU,CAAC,SAAS,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,GAAG,GAAG,IAAI;IAOtD;;;OAGG;IACI,qBAAqB,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI;IAOpD;;OAEG;IACU,gBAAgB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IA4B1D;;OAEG;IACU,UAAU,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC;IA2B/D;;OAEG;IACU,UAAU,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC;IAoBlD;;OAEG;IACI,aAAa,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,IAAI;IAWzD;;OAEG;IACU,OAAO,CAAC,OAAO,CAAC,EAAE;QAC7B,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;QAClB,MAAM,CAAC,EAAE,MAAM,CAAC;KACjB,GAAG,OAAO,CAAC,GAAG,CAAC;IAiChB;;OAEG;IACU,aAAa,CAAC,MAAM,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC;IA8B9D;;OAEG;IACU,cAAc,IAAI,OAAO,CAAC,GAAG,CAAC;IAuB3C;;OAEG;IACI,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC,IAAI,EAAE,GAAG,KAAK,IAAI,GAAG,MAAM,IAAI;IAgBlE;;OAEG;IACI,SAAS,IAAI,UAAU,GAAG,IAAI;IAIrC;;OAEG;IACI,OAAO,IAAI,OAAO;IAIzB;;OAEG;IACU,YAAY,IAAI,OAAO,CAAC,UAAU,CAAC;IAehD,OAAO,CAAC,SAAS;IAOjB,OAAO,CAAC,UAAU;IAIlB,OAAO,CAAC,aAAa;IAMrB,OAAO,CAAC,SAAS;IAKjB,OAAO,CAAC,UAAU;IAIlB,OAAO,CAAC,aAAa;CAqBtB;AAKD,wBAAgB,aAAa,IAAI,UAAU,CAK1C"}
|
|
@@ -53,7 +53,7 @@ export class TileBridge {
|
|
|
53
53
|
}
|
|
54
54
|
handleMessage(event) {
|
|
55
55
|
// Validate origin (skip validation in dev and preview)
|
|
56
|
-
if (event.origin
|
|
56
|
+
if (!this.isValidOrigin(event.origin) && !this.isDevelopment() && !this.isPreview()) {
|
|
57
57
|
console.warn('[TileBridge] Received message from untrusted origin:', event.origin, 'expected:', this.parentOrigin);
|
|
58
58
|
return;
|
|
59
59
|
}
|
|
@@ -173,13 +173,11 @@ export class TileBridge {
|
|
|
173
173
|
}
|
|
174
174
|
// Emit local navigation event for app to handle with Next.js router
|
|
175
175
|
this.emitEvent('navigate', { route: '/page', target: 'page' });
|
|
176
|
-
//
|
|
177
|
-
|
|
178
|
-
|
|
179
|
-
|
|
180
|
-
|
|
181
|
-
});
|
|
182
|
-
}
|
|
176
|
+
// Always send to parent (tiles are always in iframes on the platform)
|
|
177
|
+
this.sendToParent({
|
|
178
|
+
type: 'tile:navigate',
|
|
179
|
+
payload: { target: 'page' },
|
|
180
|
+
});
|
|
183
181
|
}
|
|
184
182
|
/**
|
|
185
183
|
* Request to navigate back to tile view (from page)
|
|
@@ -192,13 +190,11 @@ export class TileBridge {
|
|
|
192
190
|
}
|
|
193
191
|
// Emit local navigation event for app to handle with Next.js router
|
|
194
192
|
this.emitEvent('navigate', { route: '/tile', target: 'tile' });
|
|
195
|
-
//
|
|
196
|
-
|
|
197
|
-
|
|
198
|
-
|
|
199
|
-
|
|
200
|
-
});
|
|
201
|
-
}
|
|
193
|
+
// Always send to parent (tiles are always in iframes on the platform)
|
|
194
|
+
this.sendToParent({
|
|
195
|
+
type: 'tile:navigate',
|
|
196
|
+
payload: { target: 'tile' },
|
|
197
|
+
});
|
|
202
198
|
}
|
|
203
199
|
/**
|
|
204
200
|
* Request to open a URL (with user confirmation)
|
|
@@ -467,6 +463,26 @@ export class TileBridge {
|
|
|
467
463
|
isInIframe() {
|
|
468
464
|
return typeof window !== 'undefined' && window.self !== window.top;
|
|
469
465
|
}
|
|
466
|
+
isValidOrigin(origin) {
|
|
467
|
+
// Accept exact parent origin match
|
|
468
|
+
if (origin === this.parentOrigin) {
|
|
469
|
+
return true;
|
|
470
|
+
}
|
|
471
|
+
// Accept messages from deployed apps on Cloudflare Pages (*.pages.dev)
|
|
472
|
+
// This allows apps to communicate with the parent when embedded in iframes
|
|
473
|
+
// TODO: Once all apps are on *.wtvr.app, restrict this to that domain only
|
|
474
|
+
try {
|
|
475
|
+
const url = new URL(origin);
|
|
476
|
+
if (url.hostname.endsWith('.pages.dev')) {
|
|
477
|
+
return true;
|
|
478
|
+
}
|
|
479
|
+
}
|
|
480
|
+
catch (e) {
|
|
481
|
+
// Invalid URL, reject
|
|
482
|
+
return false;
|
|
483
|
+
}
|
|
484
|
+
return false;
|
|
485
|
+
}
|
|
470
486
|
}
|
|
471
487
|
// Singleton instance
|
|
472
488
|
let bridgeInstance = null;
|