- open Admin Console
- go to Configuration → Website → Advanced section
- set Editing Window Style to Modal Window
- go to Website & Content → Browse Website section
- select Content Mode (in top frame)
- input iframe tag like <iframe allowfullscreen="" frameborder="0" height="315" src="https://www.youtube.com/embed/seI3EA7zafw" width="560"></iframe> into some CMS block and press Save button
- confirm that modal window closes
Details
Details
- Reviewers
alex - Commits
- rINP16249: Fixes INP-1432 - Process only frames from same domain
Diff Detail
Diff Detail
- Repository
- rINP In-Portal
- Lint
Automatic diff as part of commit; lint not applicable. - Unit
Automatic diff as part of commit; unit tests not applicable.
Event Timeline
Comment Actions
Please implement same protection on other getFrame function in script.js file, as mentioned in task description.