From 32cdd3b1872ba8e2267c9e87ae216cb55f40f4d2 Mon Sep 17 00:00:00 2001 From: r0hanSH Date: Sat, 26 Feb 2022 17:16:18 +0530 Subject: [PATCH] Fix DOM XSS --- plugin/notes/speaker-view.html | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/plugin/notes/speaker-view.html b/plugin/notes/speaker-view.html index 3cf492db..0c77390c 100644 --- a/plugin/notes/speaker-view.html +++ b/plugin/notes/speaker-view.html @@ -368,6 +368,10 @@ window.addEventListener( 'message', function( event ) { + if (window.location.origin !== event.origin){ + return; + } + clearTimeout( connectionTimeout ); connectionStatus.style.display = 'none';